EasyManuals Logo
Home>HP>Switch>3600 v2 Series

HP 3600 v2 Series Configuration Guide

HP 3600 v2 Series
449 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #400 background imageLoading...
Page #400 background image
387
2. Configure DHCP address pool 0 on Switch A as a DHCP server.
<SwitchA> system-view
[SwitchA] dhcp enable
[SwitchA] dhcp server ip-pool 0
[SwitchA-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0
3. Configure the DHCP client on Hosts A and B. (Details not shown.)
4. Configure Switch B.
# Enable DHCP snooping, and configure Ethernet 1/0/3 as a DHCP-trusted port.
<SwitchB> system-view
[SwitchB] dhcp-snooping
[SwitchB] interface ethernet 1/0/3
[SwitchB-Ethernet1/0/3] dhcp-snooping trust
[SwitchB-Ethernet1/0/3] quit
# Enable ARP detection.
[SwitchB] vlan 10
[SwitchB-vlan10] arp detection enable
# Configure Ethernet 1/0/3 as an ARP-trusted port.
[SwitchB-vlan10] interface ethernet 1/0/3
[SwitchB-Ethernet1/0/3] arp detection trust
[SwitchB-Ethernet1/0/3] quit
# Configure a static IP source guard binding entry on interface Ethernet 1/0/2.
[SwitchB] interface ethernet 1/0/2
[SwitchB-Ethernet1/0/2] ip source binding ip-address 10.1.1.6 mac-address
0001-0203-0607 vlan 10
[SwitchB-Ethernet1/0/2] quit
# Enable the checking of the MAC addresses and IP addresses of ARP packets.
[SwitchB] arp detection validate dst-mac ip src-mac
# Configure port isolation.
[SwitchB] interface ethernet 1/0/1
[SwitchB-Ethernet1/0/1] port-isolate enable
[SwitchB-Ethernet1/0/1] quit
[SwitchB] interface ethernet 1/0/2
[SwitchB-Ethernet1/0/2] port-isolate enable
[SwitchB-Ethernet1/0/2] quit
After the preceding configurations are complete, ARP packets received on interfaces Ethernet
1/0/1 and Ethernet 1/0/2 have their MAC and IP addresses checked first, and then are checked
against the static IP source guard binding entries and finally DHCP snooping entries. However,
ARP broadcast requests sent from Host A can pass the check on Switch B and reach Host B. Port
isolation fails.
# Configure ARP restricted forwarding.
[SwitchB] vlan 10
[SwitchB-vlan10] arp restricted-forwarding enable
[SwitchB-vlan10] quit
After the configuration, Switch B forwards ARP broadcast requests from Host A to Switch A
through the trusted port Ethernet 1/0/3, and thus Host B cannot receive such packets. Port
isolation works normally.

Table of Contents

Other manuals for HP 3600 v2 Series

Preview: Command Reference
Command Reference479 pages
Preview: Installation Guide
Installation Guide62 pages
Preview: Security Configuration Guide
Security Configuration Guide398 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual51 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 3600 v2 Series and is the answer not in the manual?

HP 3600 v2 Series Specifications

General IconGeneral
BrandHP
Model3600 v2 Series
CategorySwitch
LanguageEnglish

Related product manuals