Table of Contents
Advertisement
| General Security Measures
C
25
HAPTER
IPv4 Source Guard
ip source-guard
binding
Table 95: IPv4 Source Guard Commands (Continued)
Command
show ip source-guard
show ip source-guard
binding
This command adds a static address to the source-guard ACL or MAC
address binding table. Use the no form to remove a static entry.
S
YNTAX
ip source-guard binding [mode {acl | mac}] mac-address
vlan vlan-id ip-address interface ethernet unit/port
no ip source-guard binding [mode {acl | mac}] mac-address
vlan vlan-id
mode - Specifies the binding mode.
acl - Adds binding to ACL table.
mac - Adds binding to MAC address
mac-address - A valid unicast MAC address.
vlan-id - ID of a configured VLAN (Range: 1-4094)
ip-address - A valid unicast IP address, including classful types A, B
or C.
unit - Unit identifier. (Range: 1)
port - Port number. (Range: 1-28)
D
S
EFAULT
ETTING
No configured entries
C
M
OMMAND
ODE
Global Configuration
C
U
OMMAND
SAGE
◆
If the binding mode is not specified in this command, the entry is bound
to the ACL table by default.
Table entries include a MAC address, IP address, lease time, entry type
◆
(Static-IP-SG-Binding, Dynamic-DHCP-Binding), VLAN identifier, and
port identifier.
All static entries are configured with an infinite lease time, which is
◆
indicated with a value of zero by the
(page
925).
When source guard is enabled, traffic is filtered based upon dynamic
◆
entries learned via DHCP snooping, or static addresses configured in
the source guard binding table with this command.
– 920 –
Function
Shows whether source guard is enabled or disabled
on each interface
Shows the source guard binding table
show ip source-guard
Mode
PE
PE, NE
command
- Quick Links:
- Connecting to the Switch
- Console Connection
Hide quick links:
Advertisement
Chapters
Table of Contents
