EasyManuals Logo
Home>HP>Switch>3600 v2 Series

HP 3600 v2 Series Security Configuration Guide

HP 3600 v2 Series
398 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #328 background imageLoading...
Page #328 background image
317
On a Layer 2 Ethernet port, IP source guard cooperates with DHCP snooping, dynamically obtains
the DHCP snooping entries generated during dynamic IP address allocation, and generates IP
source guard entries accordingly.
On a VLAN interface, IP source guard cooperates with DHCP relay, dynamically obtains the DHCP
relay entries generated during dynamic IP address allocation across network segments, and
generates IP source guard entries accordingly.
Dynamic IPv4 source guard entries can contain such information as the MAC address, IP address, VLAN
tag, ingress port information, and entry type (DHCP snooping or DHCP relay), where the MAC address,
IP address, or VLAN tag information may not be included depending on your configuration. IP source
guard applies these entries to the port to filter packets.
Follow these steps to configure the IPv4 source guard function on a port:
To do… Use the command…
Remarks
Enter system view system-view
Enter interface view
interface interface-type
interface-number
The term interface collectively
refers to the following types of
ports and interfaces: Layer 2
Ethernet ports, VLAN interfaces,
and port groups.
Configure IPv4 source guard on
the port
ip verify source { ip-address |
ip-address mac-address |
mac-address }
Required
Not configured by default.
NOTE:
To generate IPv4 binding entries dynamically based on DHCP entries, make sure that DHCP snoopin
g
or
DHCP relay is configured and working normally. For information about DHCP snoopin
g
confi
g
uration
and DHCP relay configuration, see
Layer 3IP Services Configuration Guide
.
If you repeatedly configure the IPv4 source guard function on a port, only the last configuration takes
effect.
Although dynamic IPv4 source
g
uard bindin
g
entries are
g
enerated based on DHCP entries, the number
of dynamic IPv4 source guard binding entries is not necessarily the same as that of the DHCP entries.
Configuring a static IPv4 source guard binding entry
Static IPv4 binding entries take effect only on the ports configured with the IPv4 source guard function
(see “Configuring IPv4 source guard on a port”).
F
ollow these steps to configure a static IPv4 binding entry on a port:
To do… Use the command… Remarks
Enter system view
system-view
Enter Layer 2 interface view
interface interface-type
interface-number

Table of Contents

Other manuals for HP 3600 v2 Series

Preview: Command Reference
Command Reference479 pages
Preview: Installation Guide
Installation Guide62 pages
Preview: Compliance And Safety Manual
Compliance And Safety Manual51 pages
Preview: Configuration Guide
Configuration Guide449 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP 3600 v2 Series and is the answer not in the manual?

HP 3600 v2 Series Specifications

General IconGeneral
BrandHP
Model3600 v2 Series
CategorySwitch
LanguageEnglish

Related product manuals