Chapter 8
| General Security Measures
IP Source Guard
show ip source-guard
show ip source-guard
binding
Command Usage
This command sets the maximum number of address entries that can be mapped
to an interface in the binding table, including both dynamic entries discovered by
DHCP snooping and static entries set by the
Example
This example sets the maximum number of allowed entries in the binding table for
port 5 to one entry.
Console(config)#interface ethernet 1/5
Console(config-if)#ip source-guard max-binding 1
Console(config-if)#
This command shows whether source guard is enabled or disabled on each
interface.
Command Mode
Privileged Exec
Example
Console#show ip source-guard
Interface
Filter-type
---------
-----------
Eth 1/1
DISABLED
Eth 1/2
DISABLED
Eth 1/3
DISABLED
Eth 1/4
DISABLED
Eth 1/5
SIP
Eth 1/6
DISABLED
. .
.
This command shows the source guard binding table.
Syntax
show ip source-guard binding [dhcp-snooping | static]
dhcp-snooping - Shows dynamic entries configured with DHCP Snooping
commands (see
static - Shows static entries configured with the
command (see
page
Command Mode
Privileged Exec
ip source-guard
Max-binding
-----------
5
5
5
5
1
5
page
242)
250).
– 254 –
command.
ip source-guard binding