D-Link DGS-3200-16 User Manual - Page 112
IP-MAC-Port Binding, IMP Global Settings
UPC - 790069312007
View all D-Link DGS-3200-16 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 112 highlights
xStack® DGS-3200 Series Layer 2 Gigabit Ethernet Managed Switch IP-MAC-Port Binding The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC-port binding is to restrict the access to a switch to a number of authorized users. Authorized clients can access a switch's port by either checking the pair of IPMAC addresses with the pre-configured database or if DHCP snooping has been enabled in which case the the switch will automatically learn the IP/MAC pairs by snooping DHCP packets and saving them to the IMPB white list. If an unauthorized user tries to access an IP-MAC binding enabled port, the system will block the access by dropping its packet. For the xStack® DGS3200 Series of switches, active and inactive entries use the same database. The maximum number of entries is 511. The creation of authorized users can be manually configured by CLI or Web. The function is port-based, meaning a user can enable or disable the function on the individual port. The IP-MAC-Port Binding folder contains five windows: IMP Global Settings, IMP Port Settings, IMP Entry Settings, DHCP Snooping Entries, and MAC Block List. IMP Global Settings Users can enable or disable the Trap/Log State and DHCP Snoop state on the Switch. The Trap/Log field will enable and disable the sending of trap/log messages for IP-MAC-port binding. When enabled, the Switch will send a trap message to the SNMP agent and the Switch log when an ARP packet is received that doesn't match the IP-MAC-port binding configuration set on the Switch. To view the following window, click Security > IP-MAC-Port Binding > IMP Global Settings: Figure 5 - 4. IMP Global Settings window The following parameters can be set: Parameter Description Trap / Log This field will enable and disable the sending of trap/log messages for IP-MAC-port binding. When Enabled, the Switch will send a trap message to the SNMP agent and the Switch log when an ARP packet is received that doesn't match the IP-MAC-port binding configuration set on the Switch. The default is Disabled. DHCP Snoop State Use the pull-down menu to enable or disable DHCP snooping for IP-MAC-port binding. The default is Disabled. Click Apply to implement the settings made. IMP Port Settings Select a port or a range of ports with the From Port and To Port fields. Enable or disable the port with the State, Allow Zero IP and Forward DHCP Packet field, and configure the port's Max Entry. To view the following window, click Security > IP-MAC-Port Binding > IMP Port Settings: 99