9 ip dhcp snooping binding arp, Ip dhcp snooping binding arp – PLANET WGSW-50040 User Manual

Commands for Security Function Chapter 6 Commands for TACACS+

255.255.255.0 interface Ethernet 1/16

Relative Command:

ip dhcp snooping binding enable

16.9 ip dhcp snooping binding arp

Command:

ip dhcp snooping binding arp

no ip dhcp snooping binding arp

Function:

Enable the DHCP Snooping binding ARP funciton.

Command Mode:

Globe mode

Default Settings:

DHCP Snooping binding ARP funciton is disabled by default.

Usage Guide:

When this function is enbaled, DHCP SNOOPING will add binding ARP list entries according to

binding information. Only after the binding function is enabled, can the binding ARP function be

enabled. Binding ARP list entries are static entries without configuration of reservation, and will be

added to the NEIGHBOUR list directly. The priority of binding ARP list entries is lower than the static

ARP list entries set by administrator, so can be overwritten by static ARP list entries; but, when

static ARP list entries are deleted, the binding ARP list entries can not be recovered untill the DHCP

SNOOPING recapture the biding inforamtion. Adding binding ARP list entries is used to prevent

these list entried from being attacked by ARP cheating. At the same time, these static list entries

need no reauthenticaiton, which can prenvent the switch from the failing to reauthenticate ARP

when it is being attacked by ARP scanning.

Only after the DHCP SNOOPING binding function is enabled, the binding ARP function can be set.

Example:

Enable the DHCP Snooping binding ARP funciton.

switch(config)#ip dhcp snooping binding arp

Relative Command:

ip dhcp snooping binding enable