DGS-3700-12/DGS-3700-12G Series Layer 2 Gigabit Ethernet Switch User Manual

 

 

 

 

 

 

 

From Port / To Port

 

Select a port or range of ports to set for IP-MAC Binding.

 

 

 

 

 

 

 

State

 

Use the pull-down menu to Enable or Disable these ports for IP-MAC Binding.

 

 

 

 

Enabled Strict – This mode provides a stricter method of control. If the user selects this mode,

 

 

 

 

all packets will be sent to the CPU, thus all packets will not be forwarded by the hardware until

 

 

 

 

the S/W learns the entries for the ports. The port will check ARP packets and IP packets by IP-

 

 

 

 

MAC-Port Binding entries. When the packet is found by the entry, the MAC address will be set

 

 

 

 

to dynamic state. If the packet is not found by the entry, the MAC address will be set to block.

 

 

 

 

Other packets will be dropped. The default mode is strict if not specified. The ports with strict

 

 

 

 

mode will capture unicast DHCP packets through the ACL module. If configuring IP-MAC

 

 

 

 

binding port enable in strict mode when IP-MAC binding DHCP_snoop is enabled, it will create

 

 

 

 

an ACL profile and the rules according to the ports. If there is not enough profile or rule space

 

 

 

 

for ACL profile or rule table, it will return a warning message and will not create ACL profile

 

 

 

 

and rules to capture unicast DHCP packets.

 

 

 

 

Enabled Loose – This mode provides a looser way of control. If the user selects loose mode,

 

 

 

 

ARP packets and IP Broadcast packets will be sent to the CPU. The packets will still be

 

 

 

 

forwarded by the hardware until a specific source MAC address is blocked by the software.

 

 

 

 

The port will check ARP packets and IP Broadcast packets by IP-MAC-PORT Binding entries.

 

 

 

 

When the packet is found by the entry, the MAC address will be set to dynamic state. If the

 

 

 

 

packet is not found by the entry, the MAC address will be set to block. Other packets will be

 

 

 

 

bypassed.

 

 

 

 

 

 

 

Allow Zero IP

 

Use the pull-down menu to enable or disable this feature. Allow zero IP configures the state

 

 

 

 

which allows ARP packets with 0.0.0.0 source IP to bypass.

 

 

 

 

 

 

 

Forward DHCP

 

By default, the DHCP packet with broadcast DA will be flooded. When set to disable, the

 

 

Packet

 

broadcast DHCP packet received by the specified port will not be forwarded. This setting is

 

 

 

 

effective when DHCP snooping is enabled, under the case that DHCP packet which has been

 

 

 

 

trapped by the CPU needs to be forwarded by the software. This setting controls the

 

 

 

 

forwarding behavior in this situation.

 

 

 

 

 

 

 

Max Entry (1-50)

 

Specifies the maximum number of IP-MAC-Port Binding entries. By default, per port max entry

 

 

 

 

is 5.

 

 

 

 

 

 

Click Apply to implement changes.

149

Page 159 Page 161
Page 160
Image 160
D-Link DGS-3700 user manual Allow Zero IP, Forward Dhcp, Packet, Max Entry
Page 159 Page 161
Top Page Image Contents