HP 3400CL-24G 122

Enhancements

Release M.10.35 Enhancements

To configure one or more Ethernet interfaces that handle VLAN traffic as trusted ports, enter the arp protect trust command at the global configuration level. The switch does not check ARP requests and responses received on a trusted port.

Syntax: [no] arp protect trust <port-list>

port-listSpecifies a port number or a range of port numbers. Separate individual port numbers or ranges of port numbers with a comma; for example: c1-c3, c6.

An example of the arp protect trust command is shown here:

ProCurve(config)# arp protect trust b1-b4, d1

Adding an IP-to-MAC Binding to the DHCP Database

A routing switch maintains a DHCP binding database, which is used for DHCP and ARP packet validation. Both the DHCP snooping and DHCP Option 82 insertion features maintain the lease database by learning the IP-to-MAC bindings on untrusted ports. Each binding consists of the client MAC address, port number, VLAN identifier, leased IP address, and lease time.

If your network does not use DHCP or if some network devices have fixed, user-configured IP addresses, you can enter static IP-to-MAC address bindings in the DHCP binding database. The switch uses manually configured static bindings for DHCP snooping and dynamic ARP protection.

To add the static configuration of an IP-to-MAC binding for a port to the database, enter the ip source binding command at the global configuration level.

Syntax: [no] ip source binding <mac-address> vlan <vlan-id> <ip-address> interface <port-number>

mac-addressSpecifies a MAC address to bind with a VLAN and IP address on the specified port in the DHCP binding database.

vlan <vlan-id>Specifies a VLAN ID number to bind with the specified MAC and IP addresses on the specified port in the DHCP binding database.

ip-addressSpecifies an IP address to bind with a VLAN and MAC address on the specified port in the DHCP binding database.

interface Specifies the port number on which the IP-to- <port-number>MAC address and VLAN binding is configured in the DHCP binding database.

112

Contents

Release Notes: Version M.10.72 Software Release Notes: Page Contents Page Page Page Page Page Page Page Software Management Software Updates Download Switch Documentation and Software from the Web Downloading Software to the Switch TFTP Download from a Server Xmodem Download From a PC or Unix Workstation Page Saving Configurations While Using the CLI Install Recommendations for I.08.12 Boot ROM Update ProCurve Switch, Routing Switch, and Router Software Keys Page Minimum Software Versions for Series 3400cl Switch Features OS/Web/Java Compatibility Table Enforcing Switch Security Switch Management Access Security Local Manager Password Inbound Telnet Access and Web Browser Access Secure File Transfers SNMP Access (Simple Network Management Protocol) Physical Access to the Switch Other Provisions for Management Access Security Network Access Security Secure Shell (SSH) Secure Socket Layer (SSLv3/TLSv1) Traffic/Security Filters 802.1X Access Control Port Security, MAC Lockdown, MAC Lockout, and IP Lockdown Key Management System (KMS) Connection-RateFiltering Based On Virus-ThrottlingTechnology Identity-DrivenManagement (IDM) Clarifications and Updates Operating Notes for Jumbo Traffic-Handling Non-Genuine Mini-GBICDetection and Protection Initiative Publication Updates IGMP Command Update General Switch Traffic Security Guideline The Management VLAN IP Address Interoperating with 802.1s Multiple Spanning-Tree Rate-Limiting Known Issues Enhancements Release M.08.69 Enhancements Release M.08.70 through M.08.72 Enhancements Release M.08.73 Enhancements Release M.08.74 through M.08.77 Enhancements Release M.08.78 Enhancements Release M.08.79 Enhancements Release M.08.80 through M.08.83 Enhancements Release M.08.84 Enhancements Release M.08.85 through M.08.88 Enhancements Release M.08.89 Enhancements Page Page Page Page Page Page Using SNMP To View and Configure Switch Authentication Features Page Page Releases M.08.90 and M.08.91 Enhancements QoS Pass-ThroughMode Page Page Release M.08.94 Enhancements Page UDP Broadcast Forwarding Releases M.08.95 through M.10.01 Enhancements Release M.08.96 Enhancements Releases M.08.97 through M.10.01 Enhancements Release M.10.02 Enhancements RADIUS-AssignedAccess Control Lists (ACLs) Page Page Terminology General Operation The Packet-filteringProcess Page Page Page General Steps Determining Traffic Policies Planning the ACLs Needed To Enforce Traffic Policies Operating Rules for RADIUS-BasedACLs Limits for RADIUS-BasedACLs, Associated ACEs, and Counters Configuring an ACL in a RADIUS Server Page Page Page Configuring the Switch To Support RADIUS-BasedACLs Page Displaying the Current RADIUS-BasedACL Activity on the Switch Page Event Log Messages Causes of Client Deauthentication Immediately After Authenticating SFlow Show Commands Page Release M.10.04 Enhancements Page Page Page Page TCP/UDP Port Closure Page Spanning Tree Show Commands Page Release M.10.05 Enhancements Release M.10.06 Enhancements Release M.10.07 Enhancements Release M.10.08 Enhancements Release M.10.09 Enhancements Page Configuration Considerations Configuring UDLD Page Viewing UDLD Information Page Page Configuration Warnings and Event Log Messages Release M.10.10 Enhancements Spanning Tree Per-PortBPDU Filtering Viewing Status of BPDU Filtering Viewing Configuration of BPDU Filtering Releases M.10.11 through M.10.12 Enhancements Release M.10.13 Enhancements Releases M.10.14 through M.10.16 Enhancements Release M.10.17 Enhancements Terminology Configuring STP BPDU Protection Viewing BPDU Protection Status Release M.10.21 Enhancements Release M.10.22 Enhancements Page Release M.10.23 Enhancements Release M.10.24 Enhancements Release M.10.25 Enhancements Release M.10.26 Enhancements Release M.10.27 Enhancements Page Release M.10.28 Enhancements Release M.10.29 Enhancements Release M.10.30 Enhancements Release M.10.31 Enhancements Release M.10.32 Enhancements Release M.10.33 Enhancements Page Example of Untagged VLAN Assignment in a RADIUS-BasedAuthentication Session Page Page Enabling the Use of GVRP-LearnedDynamic VLANs in Authentication Sessions Release M.10.34 Enhancements Release M.10.35 Enhancements Page Page Page Page Page Release M.10.36 Enhancements Release M.10.37 Enhancements Configuring MSTP Port Connectivity Parameters Page Release M.10.38 Enhancements Send SNMP v2c Informs Release M.10.39 Enhancements RADIUS Server Unavailable Page Page ARP Age Timer Increase Page Release M.10.40 Enhancements Release M.10.41 Enhancements Release M.10.42 Enhancements Release M.10.43 Enhancements Page Page Page Page Potential Issues with Bindings Adding a Static Binding Page Page Release M.10.44 through M.10.64 Enhancements Release M.10.65 Enhancements Page Page Page Release M.10.66 Enhancements Page Page Release M.10.67 Enhancements Release M.10.68 Enhancements Release M.10.69 Enhancements Release M.10.70 Enhancements Release M.10.71 Enhancements Release M.10.72 Enhancements Software Fixes in Release M.08.51 - M.10.72 Release M.08.52 Release M.08.53 (Never Released) Release M.08.54 Release M.08.55 - Release M.08.60 Page Release M.08.62 Release M.08.63 Release M.08.64 Release M.08.65 Release M.08.66 Release M.08.67 Release M.08.68 Release M.08.69 Release M.08.70 Release M.08.71 Release M.08.72 Release M.08.73 Release M.08.74 Release M.08.75 Release M.08.76 Release M.08.77 Release M.08.78 Release M.08.79 Release M.08.80 Release M.08.81 Release M.08.82 Release M.08.83 Release M.08.84 Release M.08.85 Release M.08.86 Release M.08.87 Release M.08.88 Release M.08.89 Release M.08.90 Release M.08.91 Release M.08.92 Release M.08.93 Release M.08.94 Release M.08.95 Release M.08.96 Release M.08.97 Release M.10.01 Release M.10.02 Release M.10.03 Release M.10.04 Release M.10.05 Release M.10.06 Release M.10.07 Release M.10.08 Release M.10.09 Release M.10.10 Release M.10.11 Release M.10.12 Release M.10.13 Release M.10.14 Release M.10.15 Release M.10.16 Release M.10.17 Release M.10.18 - Release M.10.19 Release M.10.20 Release M.10.21 Release M.10.22 Release M.10.23 Release M.10.24 Release M.10.25 Release M.10.26 Release M.10.27 Release M.10.28 Release M.10.29 Release M.10.30 Release M.10.31 Release M.10.32 Release M.10.33 Release M.10.34 Release M.10.35 Release M.10.36 Release M.10.37 Release M.10.38 Release M.10.39 Release M.10.40 Release M.10.41 Release M.10.42 Release M.10.43 Release M.10.44 Release M.10.45 Release M.10.46 Release M.10.47 Release M.10.48 Release M.10.49 Release M.10.50 through M.10.64 Release M.10.65 Release M.10.66 Release M.10.67 Release M.10.68 Release M.10.69 Release M.10.70 Page Release M.10.71 Release M.10.72