R3303-HP HSR6800 Routers Security Configuration Guide
27
Task Command
Remarks
Display static IPv4 source guard
entries (in IRF mode).
display ip source binding static [ interface
interface-type interface-number |
ip-address ip-address | mac-address
mac-address ] [ chassis chassis-number slot
slot-number ] [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Display IPv4 source guard entries
(in standalone mode).
display ip source binding [ interface
interface-type interface-number |
ip-address ip-address | mac-address
mac-address ] [ slot slot-number ] [ | { begin
| exclude | include } regular-expression ]
Available in any view.
Display IPv4 source guard entries
(in IRF mode).
display ip source binding [ interface
interface-type interface-number |
ip-address ip-address | mac-address
mac-address ] [ chassis chassis-number slot
slot-number ] [ | { begin | exclude |
include } regular-expression ]
Available in any view.
Static IPv4 source guard entry configuration
example
Network requirements
As shown in Figure 134, Host A and Host B are connected to ports GigabitEthernet 3/0/2 and
GigabitEthernet 3/0/1 of Router B respectively, Host C is connected to port GigabitEthernet 3/0/2 of
Router A, and Router B is connected to port GigabitEthernet 3/0/1 of Router A. All hosts use static IP
addresses.
Configure static IPv4 source guard entries on Router A and Router B to meet the following requirements:
• On port GigabitEthernet 3/0/2 of Router A, only IP packets from Host C can pass.
• On port GigabitEthernet 3/0/1 of Router A, only IP packets from Host A can pass.
• On port GigabitEthernet 3/0/2 of Router B, only IP packets from Host A can pass.
• On port GigabitEthernet 3/0/1 of Router B, only IP packets sourced from 192.168.0.2/24 can
pass. Host B can communicate with Host A by using this IP address even if it uses another network
adapter.