12 ip dhcp snooping binding dot1x, Ip dhcp snooping binding dot – PLANET XGS3-24042 User Manual

30-95

added to the NEIGHBOUR list directly. The priority of binding ARP list entries is lower than the static

ARP list entries set by administrator, so can be overwritten by static ARP list entries; but, when

static ARP list entries are deleted, the binding ARP list entries can not be recovered untill the DHCP

SNOOPING recapture the biding inforamtion. Adding binding ARP list entries is used to prevent

these list entried from being attacked by ARP cheating. At the same time, these static list entries

need no reauthenticaiton, which can prenvent the switch from the failing to reauthenticate ARP

when it is being attacked by ARP scanning.

Only after the DHCP SNOOPING binding function is enabled, the binding ARP function can be set.

Example:

Enable the DHCP Snooping binding ARP funciton.

switch(config)#ip dhcp snooping binding arp

Relative Command:

ip dhcp snooping binding enable

30.12 ip dhcp snooping binding dot1x

Command:

ip dhcp snooping binding dot1x

no ip dhcp snooping binding dot1x

Function:

Enable the DHCP Snooping binding DOT1X funciton.

Command Mode:

Port mode

Default Settings:

By default, the binding DOT1X funciton is disabled on all ports.

Usage Guide:

When this function is enabled, DHCP SNOOPING will notify the DOT1X module about the captured

bindng information as a DOT1X controlled user. This command is mutually exclusive to”ip dhcp

snooping binding user-contro“command.

Only after the DHCP SNOOPING binding function is enabled, the binding ARP function can be set.

Example:

Enable the binding DOT1X funciton on port ethernet1/0/1.

switch(config)#interface ethernet 1/0/1

switch(Config-Ethernet 1/0/1)# ip dhcp snooping binding dot1x

Relative Command:

ip dhcp snooping binding enable