Ip source guard configuration examples, Static binding entry configuration example, Network requirements – H3C Technologies H3C WX6000 Series Access Controllers User Manual
Page 289: Network diagram, Configuration procedure
26-3
IP Source Guard Configuration Examples
Static Binding Entry Configuration Example
Network requirements
As shown in
, an access controller (AC), a switch and Hosts A, B and C are on an Ethernet.
Host A and Host B are connected to ports GigabitEthernet1/0/1 and GigabitEthernet 1/0/2 of the switch
respectively, Host C is connected to port GigabitEthernet 0/0/2 of the AC, while the switch is connected
to port GigabitEthernet 0/0/1 of the AC.
Detailed requirements are as follows:
z
On port GigabitEthernet 0/0/2 of AC, only IP packets with the source MAC address of
00-01-02-03-04-05 and the source IP address of 192.168.0.3 can pass.
z
On port GigabitEthernet 0/0/1 of AC, only IP packets with the source MAC address of
00-01-02-03-04-06 and the source IP address of 192.168.0.1 can pass.
z
On port GigabitEthernet 1/0/1 of Switch, only IP packets with the source MAC address of
00-01-02-03-04-06 and the source IP address of 192.168.0.1 can pass.
z
On port GigabitEthernet 1/0/2 of Switch, only IP packets with the source MAC address of
00-01-02-03-04-07 and the source IP address of 192.168.0.2 can pass.
Network diagram
Figure 26-1
Network diagram for configuring static binding entries
Configuration procedure
1) Configure
AC
# Configure the IP addresses of various interfaces (omitted).
# Configure port GigabitEthernet 0/0/2 of AC to allow only IP packets with the source MAC address of
00-01-02-03-04-05 and the source IP address of 192.168.0.3 to pass.
[AC] interface GigabitEthernet 0/0/2
[AC-GigabitEthernet0/0/2] user-bind ip-address 192.168.0.3 mac-address 0001-0203-0405
[AC-GigabitEthernet0/0/2] quit
# Configure port GigabitEthernet 0/0/1 of AC to allow only IP packets with the source MAC address of
00-01-02-03-04-06 and the source IP address of 192.168.0.1 to pass.
[AC] interface GigabitEthernet 0/0/1