Manualshelf

R0106-HP MSR Router Series Security Configuration Guide(V7)

ManualsBrandsHP ManualsNetwork HardwareHP MSR4060 Router Chassis
421422423424425426427428429430
415
Figure 125 Network diagram
Configuration procedure
1. Configure VLAN 10, add interfaces to VLAN 10, and specify the IP address of the VLAN-interface.
(Details not shown.)
2. Configure the DHCP server on Switch A, and configure DHCP address pool 0.
<SwitchA> system-view
[SwitchA] dhcp enable
[SwitchA] dhcp server ip-pool 0
[SwitchA-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0
3. Configure Host A (DHCP client) and Host B. (Details not shown.)
4. Configure Switch B:
# Enable DHCP snooping, and configure GigabitEthernet 2/1/3 as a DHCP-trusted port.
<SwitchB> system-view
[SwitchB] dhcp snooping enable
[SwitchB] interface gigabitethernet 2/1/3
[SwitchB-GigabitEthernet2/1/3] dhcp snooping trust
[SwitchB-GigabitEthernet2/1/3] quit
# Enable ARP detection for user validity check.
[SwitchB] vlan 10
[SwitchB-vlan10] arp detection enable
# Configure GigabitEthernet 2/1/3 as an ARP-trusted port.
[SwitchB-vlan10] interface gigabitethernet 2/1/3
[SwitchB-GigabitEthernet2/1/3] arp detection trust
[SwitchB-GigabitEthernet2/1/3] quit
# Configure a static IP source guard entry on interface GigabitEthernet 2/1/2.
[SwitchB] interface gigabitethernet 2/1/2
[SwitchB-GigabitEthernet2/1/2] ip source binding ip-address 10.1.1.6 mac-address
0001-0203-0607 vlan 10
[SwitchB-GigabitEthernet2/1/2] quit