Ip source guard – Brocade Communications Systems Brocade ICX 6650 6650 User Manual

Page 314

Advertising
background image

294

Brocade ICX 6650 Security Configuration Guide

53-1002601-01

IP source guard

Viewing the status of DHCP option 82 and the subscriber ID

Use the show interfaces ethernet command to obtain information about the status of DHCP option
82 and the configured subscriber ID, if applicable. In the example below, the text in bold type
displays the information specific to DHCP option 82.

The above output shows that DHCP option 82 is Enabled on the device and the configured
subscriber ID is Brocade001.

Syntax: show interfaces ethernet port

Specify the port variable in the stack-unit/slotnum/portnum format.

IP source guard

You can use IP Source Guard together with Dynamic ARP Inspection on untrusted ports. Refer to

“DHCP snooping”

on page 283 and

“Dynamic ARP inspection”

on page 279.

The Brocade implementation of the IP Source Guard feature supports configuration on a port, on
specific VLAN memberships on a port (Layer 2 devices only), and on specific ports on a virtual
interface (VE) (Layer 3 devices only).

Untrusted Ports

A list of untrusted ports in the VLAN.

Relay Info. disabled Ports

Ports on which DHCP option 82 was disabled.

TABLE 73

Output for the show ip dhcp snooping vlan command

Field

Description

Brocade# show interfaces ethernet 1/1/3
Ethernet3 is up, line protocol is up
Hardware is Ethernet, address is 0000.0020.0002 (bia 00e0.5200.0002)
Configured speed auto, actual 1Gbit, configured duplex fdx, actual fdx
Configured mdi mode AUTO, actual MDI
Member of L2 VLAN ID 1, port is untagged, port state is FORWARDING
BPDU guard is Disabled, ROOT protect is Disabled
Link Error Dampening is Disabled
STP configured to ON, priority is level0
Flow Control is config enabled, oper enabled, negotiation disabled
mirror disabled, monitor disabled
Not member of any active trunks
Not member of any configured trunks
No port name
IPG MII 96 bits-time, IPG GMII 96 bits-time
IP MTU 1500 bytes
300 second input rate: 0 bits/sec, 0 packets/sec, 0.00% utilization
300 second output rate: 264 bits/sec, 0 packets/sec, 0.00% utilization
0 packets input, 0 bytes, 0 no buffer
Received 0 broadcasts, 0 multicasts, 0 unicasts
0 input errors, 0 CRC, 0 frame, 0 ignored
0 runts, 0 giants
0 packets output, 0 bytes, 0 underruns
Transmitted 0 broadcasts, 0 multicasts, 0 unicasts
0 output errors, 0 collisions
Relay Agent Information option: Enabled, Subscriber-ID: Brocade001

Advertising
Popular Brands
Popular manuals