R3303-HP HSR6800 Routers Security Configuration Guide
26
Ste
p
Command
Remarks
3. Configure a static IPv4 source
guard entry on the port.
ip source binding { ip-address
ip-address | ip-address ip-address
mac-address mac-address |
mac-address mac-address } [ vlan
vlan-id ]
By default, no static IPv4 binding
entry is configured on a port.
A static source guard entry can be
configured on only Layer 2
Ethernet ports.
Setting the maximum number of IPv4 source guard entries
The maximum number of IPv4 source guard entries is used to limit the total number of static and dynamic
IPv4 source guard entries on a port. When the number of IPv4 binding entries on a port reaches the
maximum, the port does not allowed new IPv4 binding entries any more.
If the maximum number of IPv4 binding entries to be configured is smaller than the number of existing
IPv4 binding entries on the port, the maximum number can be configured successfully and the existing
entries will not be affected. New IPv4 binding entries, however, cannot be added more unless the
number of IPv4 binding entries on the port drops below the configured maximum.
To configure the maximum number of IPv4 binding entries allowed on a port:
Ste
p
Command
Remarks
1. Enter system view.
system-view N/A
2. Enter interface view.
interface interface-type
interface-number
N/A
3. Configure the maximum
number of IPv4 binding
entries allowed on the port.
ip verify source max-entries
number
Optional.
Displaying and maintaining IP source guard
For IPv4 source guard:
Task Command
Remarks
Display static IPv4 source guard
entries (in standalone mode).
display ip source binding static [ interface
interface-type interface-number |
ip-address ip-address | mac-address
mac-address ] [ slot slot-number ] [ | { begin
| exclude | include } regular-expression ]
Available in any view.