Ip Source-Guard Binding; Table 51: Ip Source Guard Commands - Motorola EX-3524 Cli Reference Manual

Layer 2 gigabit ethernet poe/poe+ switch
Hide thumbs Also See for EX-3524:
Table of Contents

Advertisement

Chapter 8
| General Security Measures
IP Source Guard
IP Source Guard
ip source-guard
binding
IP Source Guard is a security feature that filters IP traffic on network interfaces
based on manually configured entries in the IP Source Guard table, or dynamic
entries in the DHCP Snooping table when enabled (see
page
242). IP source guard can be used to prevent traffic attacks caused when a
host tries to use the IP address of a neighbor to access the network. This section
describes commands used to configure IP Source Guard.

Table 51: IP Source Guard Commands

Command

ip source-guard binding

ip source-guard
ip source-guard max-binding
show ip source-guard
show ip source-guard
binding
This command adds a static address to the source-guard binding table. Use the no
form to remove a static entry.
Syntax
ip source-guard binding mac-address vlan vlan-id ip-address
interface ethernet unit/port
no ip source-guard binding mac-address vlan vlan-id
mac-address - A valid unicast MAC address.
vlan-id - ID of a configured VLAN (Range: 1-4093)
ip-address - A valid unicast IP address, including classful types A, B or C.
unit - Unit identifier. (Range: 1)
port - Port number. (Range: 1-28/52)
Default Setting
No configured entries
Command Mode
Global Configuration
Function
Adds a static address to the source-guard binding table
Configures the switch to filter inbound traffic based on
source IP address, or source IP address and
corresponding MAC address
Sets the maximum number of entries that can be bound
to an interface
Shows whether source guard is enabled or disabled on
each interface
Shows the source guard binding table
– 250 –
"DHCP Snooping" on
Mode
GC
IC
IC
PE
PE

Hide quick links:

Advertisement

Table of Contents
loading

This manual is also suitable for:

Ex-3548

Table of Contents