|
|
| ||
|
|
|
|
|
| From Port / To Port |
| Select a port or range of ports to set for |
|
|
|
|
|
|
| State |
| Use the |
|
|
|
| Enabled Strict – This mode provides a stricter method of control. If the user selects this mode, |
|
|
|
| all packets will be sent to the CPU, thus all packets will not be forwarded by the hardware until |
|
|
|
| the S/W learns the entries for the ports. The port will check ARP packets and IP packets by IP- |
|
|
|
|
| |
|
|
| to dynamic state. If the packet is not found by the entry, the MAC address will be set to block. |
|
|
|
| Other packets will be dropped. The default mode is strict if not specified. The ports with strict |
|
|
|
| mode will capture unicast DHCP packets through the ACL module. If configuring |
|
|
|
| binding port enable in strict mode when |
|
|
|
| an ACL profile and the rules according to the ports. If there is not enough profile or rule space |
|
|
|
| for ACL profile or rule table, it will return a warning message and will not create ACL profile |
|
|
|
| and rules to capture unicast DHCP packets. |
|
|
|
| Enabled Loose – This mode provides a looser way of control. If the user selects loose mode, |
|
|
|
| ARP packets and IP Broadcast packets will be sent to the CPU. The packets will still be |
|
|
|
| forwarded by the hardware until a specific source MAC address is blocked by the software. |
|
|
|
| The port will check ARP packets and IP Broadcast packets by |
|
|
|
| When the packet is found by the entry, the MAC address will be set to dynamic state. If the |
|
|
|
| packet is not found by the entry, the MAC address will be set to block. Other packets will be |
|
|
|
| bypassed. |
|
|
|
|
|
|
| Allow Zero IP |
| Use the |
|
|
|
| which allows ARP packets with 0.0.0.0 source IP to bypass. |
|
|
|
|
|
|
| Forward DHCP |
| By default, the DHCP packet with broadcast DA will be flooded. When set to disable, the |
|
| Packet |
| broadcast DHCP packet received by the specified port will not be forwarded. This setting is |
|
|
|
| effective when DHCP snooping is enabled, under the case that DHCP packet which has been |
|
|
|
| trapped by the CPU needs to be forwarded by the software. This setting controls the |
|
|
|
| forwarding behavior in this situation. |
|
|
|
|
|
|
| Max Entry |
| Specifies the maximum number of |
|
|
|
| is 5. |
|
|
|
|
|
|
Click Apply to implement changes.
149