D-Link DGS-1510-28P User Manual - Page 306
IMPB, IPv4, DHCPv4 Snooping, DHCP Snooping Global Settings
View all D-Link DGS-1510-28P manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 306 highlights
DGS-1510 Series Gigabit Ethernet SmartPro Switch Web UI Reference Guide Figure 9-35 TACACS Statistic window The fields that can be configured are described below: Parameter Group Server Name Description Select the TACACS group server name from this list here. Click the Clear by Group button to clear the information based on the group selected. Click the Clear All button to clear all the information in this table. Click the Clear button to clear all the information for the specific port. IMPB The IP network layer uses a four-byte address. The Ethernet link-layer uses a six-byte MAC address. Binding these two address types together allows the transmission of data between the layers. The primary purpose of IP-MAC-Port Binding (IMPB) is to restrict the access to a switch to a number of authorized users. Authorized clients can access a switch's port by either checking the pair of IP-MAC addresses with the pre-configured database or if DHCP snooping has been enabled in which case the switch will automatically learn the IP/MAC pairs by snooping DHCP packets and saving them to the IMPB white list. If an unauthorized user tries to access an IP-MAC binding enabled port, the system will block the access by dropping its packet. Active and inactive entries use the same database. The function is port-based, meaning a user can enable or disable the function on the individual port. IPv4 DHCPv4 Snooping DHCP Snooping Global Settings This window is used to view and configure the DHCP snooping global settings. To view the following window, click Security > IMPB > IPv4 > DHCPv4 Snooping > DHCP Snooping Global Settings, as shown below: Figure 9-36 DHCP Snooping Global Settings window The fields that can be configured are described below: Parameter DHCP Snooping Information Option Allow Untrusted Source MAC Verification Station Move Deny Description Select to enable or disable the DHCP snooping global status. Select to enable or disable the option to globally allow DHCP packets with the relay Option 82 on the untrusted interface. Select to enable or disable the verification that the source MAC address in a DHCP packet matches the client hardware address. Select to enable or disable the DHCP snooping station move state. 298