Configuring an ike profile, Configuring the ipv6 source guard function, Enabling ipv6 source guard on an interface – H3C Technologies H3C S12500-X Series Switches User Manual
Page 221
209
Step Command
Remarks
3.
Configure a static IPv4
source guard binding
entry.
ip source binding { ip-address
ip-address | ip-address
ip-address mac-address
mac-address | mac-address
mac-address } [ vlan vlan-id ]
By default, no static IPv4 source guard
binding entry is configured on an interface.
The vlan vlan-id option is supported only in
Layer 2 Ethernet interface view.
A VLAN ID is required if the static IPv4
source guard binding entry is used in the
ARP detection function, and the specified
VLAN must be enabled with the ARP
detection function. Otherwise, ARP packets
cannot bypass the check of the static IPv4
source guard binding entry on the interface.
You cannot configure the same static IPv4
source guard binding entry on one
interface, but you can configure the same
static IPv4 source guard binding entry on
different interfaces.
128B
Configuring the IPv6 source guard function
You cannot configure the IPv6 source guard function on a service loopback interface. If IPv6 source
guard is enabled on an interface, you cannot assign the interface to a service loopback group.
292B
Enabling IPv6 source guard on an interface
You must first enable the IPv6 source guard function on an interface, and use static source guard binding
entries to filter packets. For information about how to configure a static IPv6 source guard binding entry,
see "
913H
Configuring a static IPv6 source guard binding entry
."
To enable the IPv6 source guard function on an interface:
Step Command
Remarks
1.
Enter system view.
system-view
N/A
2.
Enter interface view.
interface interface-type
interface-number
The interface-type argument can
be Layer 2 Ethernet interface,
Layer 3 Ethernet interface, and
VLAN interface.
3.
Enable the IPv6 source guard
function.
ipv6 verify source { ip-address |
ip-address mac-address |
mac-address }
By default, the function is disabled
on an interface.
If you configure this command on
an interface multiple times, the
most recent configuration takes
effect.
- H3C S5560 Series Switches H3C WX6000 Series Access Controllers H3C WX5000 Series Access Controllers H3C WX3000 Series Unified Switches H3C LSWM1WCM10 Access Controller Module H3C LSWM1WCM20 Access Controller Module H3C LSQM1WCMB0 Access Controller Module H3C LSRM1WCM2A1 Access Controller Module H3C LSBM1WCM2A0 Access Controller Module H3C S9800 Series Switches H3C S5130 Series Switches H3C S5120 Series Switches