D-Link DGS-3700 - page 160

DGS-3700-12/DGS-3700-12G Series Layer 2 Gigabit Ethernet Switch User Manual

149

From Port / To Port Select a port or range of ports to set for IP-MAC Binding.

State Use the pull-down menu to Enable or Disable these ports for IP-MAC Binding.

Enabled Strict – This mode provides a stricter method of control. If the user selects this mode,

all packets will be sent to the CPU, thus all packets will not be forwarded b y the har dware un til

the S/W learns the entries for the ports. The port will check ARP pack ets and IP p ac k et s b y IP-

MAC-Port Binding entries. When the packet is found by the entr y, the MAC addr es s will b e set

to dynamic state. If the packet is not found by the entry, the MAC address will be set to block.

Other packets will be dropped. The default mode is strict if not specif ied. The ports with s trict

mode will capture unicast DHCP packets through the ACL m odule. If configuring IP-MAC

binding port enable in strict mode when IP-MAC binding DHCP_snoop is en abled, it will c reate

an ACL profile and the rules according to the ports. If there is not eno ugh prof ile or r ule space

for ACL profile or rule table, it will return a warning message and will not create ACL profile

and rules to capture unicast DHCP packets.

Enabled Loose – This mode provides a looser way of control. If the user selects loose m ode,

ARP packets and IP Broadcast packets will be sent to the CPU. The packets will still be

forwarded by the hardware until a specific source MAC address is blocked by the software.

The port will check ARP packets and IP Broadcast packets by IP-MAC-PORT Binding e ntries.

When the packet is found by the entry, the MAC address will be set to dynam ic state. If the

packet is not found by the entry, the MAC address will be s et to block. Other packets will be

bypassed.

Allow Zero IP Use the pull-down menu to enable or disable this feature. Allow zero IP configures the s tate

which allows ARP packets with 0.0.0.0 source IP to bypass.

Forward DHCP

Packet By default, the DHCP packet with broadcast DA will be flooded. When set to disab le, the

broadcast DHCP packet received by the specified port will not b e forwarded. This setting is

effective when DHCP snooping is enabled, under the case that DHCP packet which has bee n

trapped by the CPU needs to be forwarded by the software. This setting controls the

forwarding behavior in this situation.

Max Entry (1-50) Specifies the maximum number of IP-MAC-Port Bindi ng entries. By default, per port max entry

is 5.

Click Apply to implement changes.