9 ip source guard – Interlogix NS3500-28T-4S User Manual User Manual

275

Figure 4-9-58

ARP Rate Limit Setting Page Screenshot

The page includes the following fields:

Object

Description

 Port

The switch port number of the logical port.

 Rate Limit (pps)

Display the current rat limit.

4.9.9 IP Source Guard

IP Source Guard is a secure feature used to restrict IP traffic on DHCP snooping untrusted ports by filtering traffic

based on the DHCP Snooping Table or manually configured IP Source Bindings. It helps prevent IP spoofing attacks

when a host tries to spoof and use the IP address of another host.

After receiving a packet, the port looks up the key attributes (including IP address, MAC address and VLAN tag) of the

packet in the binding entries of the IP source guard. If there is a matching entry, the port will forward the packet.

Otherwise, the port will abandon the packet.

IP source guard filters packets based on the following types of binding entries:



IP-port binding entry



MAC-port binding entry



IP-MAC-port binding entry