Ip-mac-port binding (impb) – D-Link DES-3018 User Manual
Page 68
DES-3010F/DES-3010FL/DES-3010G/DES-3016/DES-3018/DES-3026 Fast Ethernet Switch Manual
55
IP-MAC-Port Binding (IMPB)
The IP network layer uses a four-byte address. The Ethernet link layer uses a six-byte MAC address.
Binding these two address types together allows the transmission of data between the layers. The primary
purpose of IP-MAC binding is to restrict the access to a switch to a number of authorized users. Only the
authorized client can access the Switch’s port by checking the pair of IP-MAC addresses with the pre-
configured database. If an unauthorized user tries to access an IP-MAC binding enabled port, the system will
block the access by dropping its packet. The maximum number of IP-MAC binding entries is dependant on
chip capability (e.g. the ARP table size) and storage size of the device. The maximum number of IP-MAC
Binding entries is 500. The creation of authorized users can be manually configured by CLI or Web. The
function is port-based, this means a user can enable or disable the function on the individual port.
IP-MAC-Port Binding (IMPB)
The IP-MAC Ports Settings menu is used to enable IP-MAC binding on a per port basis. Ports that are
enabled will apply the IP-MAC check to ingress packets for the port. The IP-MAC database used for the
check must be set up with the IP-MAC-Port Binding Table (see below).
This table is used to enable or disable IP-MAC binding on specific ports. Select a port or a range of ports
with the From and To fields. Enable or disable the port with the State field.
The Zero IP field is used to allow ARP packets entrance to the Switch when these packets have an IP
address of 0.0.0.0, regardless of whether or not the 0.0.0.0 IP address is set in the IP-MAC Binding table.
When the Zero IP field is set to Disabled, ARP packets containing the 0.0.0.0 IP address are dropped. Click
Apply to save changes.
To view this table, click Administration > IP-MAC Binding > IP-MAC Binding Port