Manualshelf

R3303-HP HSR6800 Routers Security Configuration Guide

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
441442443444445446447448449450
46
Figure 142 Network diagram
Configuration procedure
1. Configure VLAN 10, add ports to VLAN 10, and configure the IP address of the VLAN-interface.
(Details not shown.)
2. Configure the DHCP server on Router A:
<RouterA> system-view
[RouterA] dhcp enable
[RouterA] dhcp server ip-pool 0
[RouterA-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0
3. Configure the DHCP client on Hosts A and Host B. (Details not shown.)
4. Configure Router B:
# Enable DHCP snooping, and configure GigabitEthernet 3/0/3 as a DHCP-trusted port.
<RouterB> system-view
[RouterB] dhcp-snooping
[RouterB] interface gigabitethernet 3/0/3
[RouterB-GigabitEthernet3/0/3] port link-mode bridge
[RouterB-GigabitEthernet3/0/3] dhcp-snooping trust
[RouterB-GigabitEthernet3/0/3] quit
# Enable ARP detection.
[RouterB] vlan 10
[RouterB-vlan10] arp detection enable
# Configure GigabitEthernet 3/0/3 as an ARP-trusted port.
[RouterB-vlan10] interface gigabitethernet 3/0/3
[RouterB-GigabitEthernet3/0/3] port link-mode bridge
[RouterB-GigabitEthernet3/0/3] arp detection trust
[RouterB-GigabitEthernet3/0/3] quit
# Configure a static IP source guard entry on interface GigabitEthernet 3/0/2.
[RouterB] interface gigabitethernet 3/0/2
[RouterB-GigabitEthernet3/0/2] port link-mode bridge