Ip source-guard binding – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual

Page 277

Advertising
background image

Brocade 6910 Ethernet Access Switch Configuration Guide

221

53-1002651-02

10

IP Source Guard

ip source-guard binding

This command adds a static address to the source-guard binding table. Use the no form to remove
a static entry.

Syntax

ip source-guard binding mac-address vlan vlan-id ip-address interface ethernet unit/port

no ip source-guard binding mac-address vlan vlan-id

mac-address - A valid unicast MAC address.

vlan-id - ID of a configured VLAN (Range: 1-4093)

ip-address - A valid unicast IP address, including classful types A, B or C.

unit - Unit identifier. (Range: 1)

port - Port number. (Range: 1-12)

Default Setting
No configured entries

Command Mode
Global Configuration

Command Usage

Table entries include a MAC address, IP address, lease time, entry type (Static-IP-SG-Binding,
Dynamic-DHCP-Binding), VLAN identifier, and port identifier.

All static entries are configured with an infinite lease time, which is indicated with a value of
zero by the

show ip source-guard

command (

“show ip source-guard”

on page 224).

When source guard is enabled, traffic is filtered based upon dynamic entries learned via DHCP
snooping, or static addresses configured in the source guard binding table with this command.

Static bindings are processed as follows:

If there is no entry with same VLAN ID and MAC address, a new entry is added to binding
table using the type of static IP source guard binding.

If there is an entry with same VLAN ID and MAC address, and the type of entry is static IP
source guard binding, then the new entry will replace the old one.

If there is an entry with same VLAN ID and MAC address, and the type of the entry is
dynamic DHCP snooping binding, then the new entry will replace the old one and the entry
type will be changed to static IP source guard binding.

ip source-guard max-binding

Sets the maximum number of entries that can be bound to an
interface

IC

show ip source-guard

Shows whether source guard is enabled or disabled on each
interface

PE

show ip source-guard binding

Shows the source guard binding table

PE

TABLE 55

IP Source Guard Commands (Continued)

Command

Function

Mode

Advertising
Popular Brands
Popular manuals