Ip source guard, 1 ip source guard overview, 1 arp inspection overview – ZyXEL Communications ES-2108 Series User Manual

ES-2108 Series User’s Guide

165

C

H A P T E R

2 1

IP Source Guard

Use IP source guard to filter unauthorized ARP packets in your network.

21.1 IP Source Guard Overview

IP source guard uses a binding table to distinguish between authorized and unauthorized ARP
packets in your network. A binding contains these key attributes:

• MAC address

• VLAN ID

• IP address

• Port number

When the Switch receives an ARP packet, it looks up the appropriate MAC address, VLAN
ID, IP address, and port number in the binding table. If there is a binding, the Switch forwards
the packet. If there is not a binding, the Switch discards the packet.

The Switch builds from information provided manually by administrators (static bindings).

IP source guard consists of the following features:

• Static bindings. Use this to create static bindings in the binding table.

• ARP inspection. Use this to filter unauthorized ARP packets on the network.

21.1.1 ARP Inspection Overview

Use ARP inspection to filter unauthorized ARP packets on the network. This can prevent
many kinds of man-in-the-middle attacks, such as the one in the following example.

Figure 90 Example: Man-in-the-middle Attack

A

X

B