Home » ZyXEL Manuals » Networking » ZyXEL GS1510-24 » Manual Viewer

ZyXEL GS1510-24 User Guide - Page 105

ARP Inspection Overview

Get ZyXEL GS1510-24 PDF manuals and user guides

Add to My Manuals
Save this manual to your list of manuals

Page 105 highlights

Chapter 18 IP Source Guard 18.3.1.3 Configuring DHCP Snooping Follow these steps to configure DHCP snooping on the Switch. 1 Enable DHCP snooping on the Switch. 2 Enable DHCP snooping on each VLAN. 3 Configure trusted and untrusted ports. 4 Configure static bindings. 18.3.2 ARP Inspection Overview Use ARP inspection to filter unauthorized ARP packets on the network. This can prevent many kinds of man-in-the-middle attacks, such as the one in the following example. Figure 54 Example: Man-in-the-middle Attack A B X In this example, computer B tries to establish a connection with computer A. Computer X is in the same broadcast domain as computer A and intercepts the ARP request for computer A. Then, computer X does the following things: • It pretends to be computer A and responds to computer B. • It pretends to be computer B and sends a message to computer A. As a result, all the communication between computer A and computer B passes through computer X. Computer X can read and alter the information passed between them. 18.3.2.1 ARP Inspection and MAC Address Filters When the Switch identifies an unauthorized ARP packet, it automatically creates a MAC address filter to block traffic from the source MAC address and source VLAN ID of the unauthorized ARP packet. You can configure how long the MAC address filter remains in the Switch. GS1510 Series User's Guide 105

Section	Page
GS1510-16/GS1510-24	1
About This User's Guide	3
Document Conventions	5
Safety Warnings	7
Contents Overview	9
Table of Contents	11
Introduction and Hardware Overview	17
Getting to Know Your Switch	19
1.1 Introduction	19
1.1.1 Backbone Application	19
1.1.2 Bridging Example	20
1.1.3 High Performance Switching Example	21
1.1.4 IEEE 802.1Q VLAN Application Examples	21
1.2 Good Habits for Managing the Switch	22
Hardware Installation and Connection	23
2.1 Freestanding Installation	23
2.2 Mounting the Switch on a Rack	24
2.2.1 Rack-mounted Installation Requirements	24
2.2.2 Attaching the Mounting Brackets to the Switch	24
2.2.3 Mounting the Switch on a Rack	25
Hardware Overview	27
3.1 Front Panel	27
3.1.1 Ethernet Ports	28
3.1.2 Mini-GBIC Slots	28
3.1.3 The RESET Button	30
3.2 LEDs	30
3.3 Rear Panel	31
3.3.1 Power Connector	31
Basic Settings	33
The Web Configurator	35
4.1 Introduction	35
4.2 Device Auto Discovery Utility	35
4.3 System Login	35
4.3.1 Smart Mode	36
4.3.2 The Advanced Main Screen	40
4.3.3 The Navigation Panel	40
4.3.4 Change Your Password	42
4.4 Saving Your Configuration	43
4.5 Switch Lockout	43
4.6 Resetting the Switch	43
4.7 Logging Out of the Web Configurator	44
System	45
5.1 System Screen	45
General Settings	47
6.1 What You Can Do	47
6.2 System	47
6.3 Jumbo Frame	48
6.4 SNTP	49
MAC Management	51
7.1 Overview	51
7.2 What You Can Do	51
7.3 What You Need to Know	51
7.4 Static MAC Settings	52
7.5 MAC Table	53
Port Mirroring	55
8.1 Port Mirroring Settings	55
Port Settings	57
9.1 Port Settings	57
9.1.1 Auto Negotiation	57
9.1.2 Flow Control	57
Advanced Settings	61
VLAN	63
10.1 Overview	63
10.2 What You Can Do	63
10.3 What You Need to Know	63
10.3.1 Introduction to IEEE 802.1Q Tagged VLANs	63
10.3.2 Forwarding Tagged and Untagged Frames	64
10.4 Port Isolation	64
10.5 VLAN Settings	67
10.6 Tag Settings	68
10.7 Port Settings	69
EEE	71
11.1 Overview	71
11.1.1 EEE Screen	71
IGMP Snooping	73
12.1 Overview	73
12.2 What You Can Do	73
12.3 What You Need to Know	73
12.3.1 IGMP Snooping and VLANs	74
12.4 General Settings	74
12.5 Port Settings	75
Link Aggregation	77
13.1 Overview	77
13.2 What You Can Do	77
13.3 What You Need to Know	77
13.3.1 Dynamic Link Aggregation	77
13.4 Static Trunk	78
13.5 LACP	79
Loop Guard	81
14.1 Overview	81
14.2 What You Need to Know	81
14.3 Loop Guard	83
QoS	85
15.1 Overview	85
15.2 What You Can Do	85
15.3 What You Need to Know	85
15.3.1 Queuing algorithms	85
15.3.2 QoS Enhancement	86
15.4 Port Priority	86
15.5 IP DiffServ (DSCP)	87
15.5.1 Differentiated Services Code Point (DSCP)	88
15.6 Priority/Queue Mapping	89
15.7 Queuing Method	90
Storm Control	93
16.0.1 Broadcast Storm Control Setup	93
Spanning Tree Protocol	95
17.1 Overview	95
17.2 What You Can DO	95
17.3 What You Need to Know	95
17.3.1 STP Terminology	96
17.3.2 How STP Works	96
17.4 General Settings	97
17.5 STP Status Screen	98
Security and Management	101
IP Source Guard	103
18.1 Overview	103
18.2 What You Can Do	103
18.3 What You Need To Know	103
18.3.1 DHCP Snooping Overview	104
18.3.2 ARP Inspection Overview	105
18.4 DHCP Snooping	107
18.5 Port Settings	108
18.6 ARP Inspection	110
18.6.1 Filter Table	111
18.7 Binding Table	112
18.7.1 Static Entry Settings	112
18.7.2 Binding Table	114
802.1x	117
19.1 Overview	117
19.2 What You Can Do	117
19.3 What You Need to Know	118
19.3.1 IEEE 802.1x Authentication	118
19.3.2 Local User Accounts	118
19.4 Global Settings	118
19.5 Port Settings	120
Web Authentication	123
20.1 Overview	123
20.2 What You Can Do	123
20.3 What You Need to Know	123
20.3.1 User Authentication Experience	124
20.4 Configuration	125
20.5 Customization	126
Maintenance	129
21.1 Overview	129
21.2 What You Can Do	129
21.3 Configuration	130
21.3.1 Backup Settings	130
21.3.2 Upgrade Configuration	131
21.3.3 Restore Factory Default Settings	131
21.4 Firmware	132
21.5 Reboot	132
21.6 System Log	133
21.6.1 Syslog	133
SNMP	135
22.1 Overview	135
22.2 What You Can Do	135
22.3 What You Need to Know	135
22.3.1 About SNMP	135
22.3.2 Supported MIBs	137
22.3.3 SNMP Traps	137
22.4 SNMP Settings	137
22.5 Community Name	138
22.6 Trap Receiver	140
User Account	143
23.1 Overview	143
23.2 User Account Screen	143
Troubleshooting & Product Specifications	145
Troubleshooting	147
24.1 Power, Hardware Connections, and LEDs	147
24.2 Switch Access and Login	148
Product Specifications	151
25.1 General Switch Specifications	151
Appendices and Index	157
Device Auto Discovery	159
IP Addresses and Subnetting	165
Legal Information	175
Open Software Announcements	179