HP 6125G HP 6125G & 6125G/XG Blade Switches Security Configuration Gui - Page 238
Setting the maximum number of IPv4 source guard entries, Displaying and maintaining IP source guard
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 238 highlights
Setting the maximum number of IPv4 source guard entries The maximum number of IPv4 source guard entries is used to limit the total number of static and dynamic IPv4 source guard entries on a port. When the number of IPv4 binding entries on a port reaches the maximum, the port does not allowed new IPv4 binding entries any more. If the maximum number of IPv4 binding entries to be configured is smaller than the number of existing IPv4 binding entries on the port, the maximum number can be configured successfully, and the existing entries are not affected. New IPv4 binding entries, however, cannot be added until the number of IPv4 binding entries on the port drops below the configured maximum. To configure the maximum number of IPv4 binding entries allowed on a port: Step 1. Enter system view. 2. Enter Layer 2 Ethernet interface view. 3. Configure the maximum number of IPv4 binding entries allowed on the port. Command system-view interface interface-type interface-number ip verify source max-entries number Remarks N/A N/A Optional. 512 by default. Displaying and maintaining IP source guard Task Command Remarks Display static IPv4 source guard entries. display ip source binding static [ interface interface-type interface-number | ip-address ip-address | mac-address mac-address ] [ slot slot-number ] [ | { begin | exclude | include } regular-expression ] Available in any view Display IPv4 source guard entries. display ip source binding [ interface interface-type interface-number | ip-address ip-address | mac-address mac-address ] [ slot slot-number ] [ | { begin | exclude | include } regular-expression ] Available in any view IP source guard configuration examples Static IPv4 source guard configuration example Network requirements As shown in Figure 69, Host A and Host B are connected to ports GigabitEthernet 1/0/2 and GigabitEthernet 1/0/1 of Device B respectively, Host C is connected to port GigabitEthernet 1/0/2 of Device A, and Device B is connected to port GigabitEthernet 1/0/1 of Device A. All hosts use static IP addresses. Configure static IPv4 source guard entries on Device A and Device B to meet the following requirements: • On port GigabitEthernet 1/0/2 of Device A, only IP packets from Host C can pass. 228