C
OMMAND
L
INE
I
NTERFACE
4-264
Example
Related Commands
interface (4 -144)
IP Source Guard Commands
IP Source Guard is a security feature that filters IP traffic on network
interfaces based on manually configured entries in the IP Source Guard
table, or static and dynamic entries in the DHCP Snooping table when
enabled (see “DHCP Snooping Commands” on page 4-269). IP source
guard can be used to prevent traffic attacks caused when a host tries to
use the IP address of a neighbor to access the network. This section
describes commands used to configure IP Source Guard.
Console#ping 10.1.0.9
Type ESC to abort.
PING to 10.1.0.9, by 5 32-byte payload ICMP packets, timeout is 5
seconds
response time: 10 ms
response time: 10 ms
response time: 10 ms
response time: 10 ms
response time: 0 ms
Ping statistics for 10.1.0.9:
5 packets transmitted, 5 packets received (100%), 0 packets lost (0%)
Approximate round trip times:
Minimum = 0 ms, Maximum = 10 ms, Average = 8 ms
Console#
Table 4-75 IP Source Guard Commands
Command
Function
Mode Page
ip source-guard
Configures the switch to filter inbound
traffic based on source IP address, or source
IP address and corresponding MAC address
IC
4-265
ip source-guard
binding
Adds a static address to the source-guard
binding table
GC
4-267
show ip
source-guard
Shows whether source guard is enabled or
disabled on each interface
PE
4-268
show ip
source-guard
binding
Shows the source guard binding table
PE
4-269
Summary of Contents for 6128L2
Page 2: ......
Page 21: ...CONTENTS xvii Glossary Index ...
Page 22: ...CONTENTS xviii ...
Page 26: ...TABLES xxii ...
Page 40: ...INTRODUCTION 1 10 ...
Page 54: ...INITIAL CONFIGURATION 2 14 ...
Page 193: ...PORT CONFIGURATION 3 139 Figure 3 61 Displaying Etherlike and RMON Statistics ...
Page 257: ...QUALITY OF SERVICE 3 203 Figure 3 90 Configuring Policy Maps ...
Page 313: ...COMMAND GROUPS 4 13 PE Privileged Exec VC VLAN Database Configuration ...
Page 592: ...TROUBLESHOOTING B 4 ...
Page 605: ......