Arp detection configuration example ii, Network requirements, Configuration procedure – H3C Technologies H3C S5120 Series Switches User Manual

Page 237

Advertising
background image

2-9

After the preceding configurations are completed, when ARP packets arrive at interfaces

GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2, their MAC and IP addresses are checked, and then

the packets are checked against the IP-to-MAC binding and finally DHCP snooping entries.

ARP Detection Configuration Example II

Network requirements

As shown in

Figure 2-3

, enable 802.1X on Switch A. Enable ARP detection for VLAN 10 to allow only

packets from valid clients to pass. Configure Host A and Host B as local 802.1X access users.

Figure 2-3 Network diagram for ARP detection configuration

Configuration procedure

1) Add all the ports on Switch A into VLAN 10 (the configuration procedure is omitted).

2) Configure DHCP server (the configuration procedure is omitted).

3) Configure Host A and Host B as 802.1X clients (the configuration procedure is omitted) and

configure them to upload IP addresses for ARP detection.

4) Configure Switch A

# Enable the 802.1X function.

<SwitchA> system-view

[SwitchA] dot1x

[SwitchA] interface GigabitEthernet 1/0/1

[SwitchA-GigabitEthernet1/0/1] dot1x

[SwitchA-GigabitEthernet1/0/1] quit

[SwitchA] interface GigabitEthernet 1/0/2

[SwitchA-GigabitEthernet1/0/2] dot1x

[SwitchA-GigabitEthernet1/0/2] quit

# Add local access user test.

[SwitchA] local-user test

[SwitchA-luser-test] service-type lan-access

[SwitchA-luser-test] password simple test

[SwitchA-luser-test] quit

Advertising
See also other documents in the category H3C Technologies Routers: