TP-Link T1500G-10MPS T1500G-10MPSUN V1 User Guide - Page 163
ARP Inspection
View all TP-Link T1500G-10MPS manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 163 highlights
Select: Port: Option 82 Support: Operation Strategy: Circuit ID Customization: Circuit ID: Remote ID Customization: Remote ID: LAG: Select your desired port for configuration. It is multi-optional. Displays the port number. Enable/Disable the Option 82 feature. Select the operation for the existed Option 82 field of the DHCP request packets from the Host. The option 82 field in DHCP reply packets will be remove when the option 82 feature is enable,no matter which operation is configured for the existed option 82 filed. • Keep: Indicates to keep the Option 82 field of the packets. • Replace: Indicates to replace the Option 82 field of the packets with the switch defined one. • Drop: Indicates to discard the packets including the Option 82 field. Enable or disable the switch to define the Option 82 sub-option Circuit ID field. With Disable selected, configure VLAN ID and port number from which the packet is received as the circuit ID default value. Enter the sub-option Circuit ID for the customized Option 82 field. Enable or disable the switch to define the Option 82 sub-option Remote ID field. With Disable selected, configure the switch system MAC address as the remote ID default value. Enter the sub-option Remote ID for the customized Option 82. Displays the LAG to which the port belongs. 12.3 ARP Inspection According to the ARP Implementation Procedure stated in 12.1.3 ARP Scanning, it can be found that ARP protocol can facilitate the Hosts in the same network segment to communicate with one another or access to external network via Gateway. However, since ARP protocol is implemented with the premise that all the Hosts and Gateways are trusted, there are high security risks during ARP Implementation Procedure in the actual complex network. Thus, the cheating attacks against ARP, such as imitating Gateway, cheating Gateway, cheating terminal Hosts and ARP Flooding Attack, frequently occur to the network, especially to the large network such as campus network. The following part will simply introduce these ARP attacks. Imitating Gateway The attacker sends the MAC address of a forged Gateway to Host, and then the Host will automatically update the ARP table after receiving the ARP response packets, which causes that the Host cannot access the network normally. The ARP Attack implemented by imitating Gateway is illustrated in the following figure. 154