Netgear GS724Tv4 Software Administration Manual - Page 77
Con a DAI ACL, To con a DAI ACL with three rules and associate it with VLAN 100, System
View all Netgear GS724Tv4 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 77 highlights
GS716Tv3, GS724Tv4, and GS748Tv5 Smart Switches Configure a DAI ACL DAI relies on the information in the DHCP snooping bindings database to validate ARP packets. For networks that use static IP addresses and do not use DHCP, DAI access control lists (ACLs) can be used to statically map an IP address to a MAC address on a VLAN. When hosts use static IP addresses, the DHCP snooping feature cannot build a bindings database. DAI ACLs are also useful when other switches in the network do not run DAI. DAI consults the static mappings configured in the DAI ACLs before it consults the DHCP snooping bindings database; thus static mappings have precedence over DHCP snooping bindings. If the static flag is enabled on a VLAN, DAI consults the DAI ACL only and does not validate ARP information against the DHCP snooping bindings database. To configure a DAI ACL with three rules and associate it with VLAN 100: 1. Select System > Services > Dynamic ARP Inspection > DAI ACL Configuration. 2. In the Name field, specify a name for the ACL, for example arpACL. 3. Click the Add button. The screen displays the new ACL. 4. Click the ACL name, which is a hyperlink to the Dynamic ARP Inspection ACL Rules Configuration page. 5. From the ACL Name list, select the DAI ACL to configure. 6. In the Source IP Address field, specify the IP address of a host. 7. In the Source MAC Address field, specify the MAC address of the host that is statically mapped to the IP address specified in the Source IP Address field. 8. Click the Add button. 9. Repeat Step 6 through Step 8 to add the second rule. You can add up to 20 static IP address-MAC address mappings to a DAI ACL. Configure System Information 77