ZyXEL GS1510-24 User Guide - Page 103
IP Source Guard
View all ZyXEL GS1510-24 manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 103 highlights
CHAPTER 18 IP Source Guard 18.1 Overview Use the IP source guard screens to filter unauthorized DHCP and ARP packets in your network. IP source guard uses a binding table to distinguish between the authorized and unauthorized DHCP and ARP packets in your network. 18.2 What You Can Do • Use the DHCP Snooping screens (Section 18.4 on page 107) to filter unauthorized DHCP packets on the network and to build the binding table dynamically. • Use the ARP Inspection screens (Section 18.6 on page 110) to filter unauthorized ARP packets on the network. • Use the Binding Table screens (Section 18.7 on page 112) to manually enter static bindings and to convert dynamic bindings to static. 18.3 What You Need To Know A binding in the IP source guard binding table contains these key attributes: • MAC address • VLAN ID • IP address • Port number When the Switch receives an ARP packet, it looks up the appropriate MAC address, VLAN ID, IP address, and port number in the binding table. If there is a binding, the Switch forwards the packet. If there is not a binding, the Switch discards the packet. The Switch builds the binding table by snooping DHCP packets (dynamic bindings) and from information provided manually by administrators (static bindings). GS1510 Series User's Guide 103