HP 3400CL-24G 123

Enhancements

Release M.10.35 Enhancements

An example of the ip source binding command is shown here:

ProCurve(config)# ip source binding 0030c1-7f49c0 interface vlan 100 10.10.20.1 interface A4

N o t e

Note that the ip source binding command is the same command used by the Dynamic IP Lockdown feature to configure static bindings. The Dynamic ARP Protection and Dynamic IP Lockdown features share a common list of source IP-to-MAC bindings.

Configuring Additional Validation Checks on ARP Packets

Dynamic ARP protection can be configured to perform additional validation checks on ARP packets. By default, no additional checks are performed. To configure additional validation checks, enter the arp protect validate command at the global configuration level.

Syntax: [no] arp protect validate <[src-mac] [dst-mac] [ip]>

src-mac(Optional) Drops any ARP request or response packet in which the source MAC address in the Ethernet header does not match the sender MAC address in the body of the ARP packet.

dst-mac(Optional) Drops any unicast ARP response packet

	in which the destination MAC address in the
	Ethernet header does not mach the target MAC
	address in the body of the ARP packet.
ip	(Optional) Drops any ARP packet in which the
	sender IP address is invalid. Drops any ARP
	response packet in which the target IP address is
	invalid. Invalid IP addresses include: 0.0.0.0,
	255.255.255.255, all IP multicast addresses, and
	all Class E IP addresses.

You can configure one or more of the validation checks. The following example of the arp protect validate command shows how to configure the validation checks for source MAC address and destination AMC address:

ProCurve(config)# arp protect validate src-mac dst-mac

113

Contents

Release Notes: Version M.10.72 Software Release Notes: Page Contents Page Page Page Page Page Page Page Software Management Software Updates Download Switch Documentation and Software from the Web Downloading Software to the Switch TFTP Download from a Server Xmodem Download From a PC or Unix Workstation Page Saving Configurations While Using the CLI Install Recommendations for I.08.12 Boot ROM Update ProCurve Switch, Routing Switch, and Router Software Keys Page Minimum Software Versions for Series 3400cl Switch Features OS/Web/Java Compatibility Table Enforcing Switch Security Switch Management Access Security Local Manager Password Inbound Telnet Access and Web Browser Access Secure File Transfers SNMP Access (Simple Network Management Protocol) Physical Access to the Switch Other Provisions for Management Access Security Network Access Security Secure Shell (SSH) Secure Socket Layer (SSLv3/TLSv1) Traffic/Security Filters 802.1X Access Control Port Security, MAC Lockdown, MAC Lockout, and IP Lockdown Key Management System (KMS) Connection-RateFiltering Based On Virus-ThrottlingTechnology Identity-DrivenManagement (IDM) Clarifications and Updates Operating Notes for Jumbo Traffic-Handling Non-Genuine Mini-GBICDetection and Protection Initiative Publication Updates IGMP Command Update General Switch Traffic Security Guideline The Management VLAN IP Address Interoperating with 802.1s Multiple Spanning-Tree Rate-Limiting Known Issues Enhancements Release M.08.69 Enhancements Release M.08.70 through M.08.72 Enhancements Release M.08.73 Enhancements Release M.08.74 through M.08.77 Enhancements Release M.08.78 Enhancements Release M.08.79 Enhancements Release M.08.80 through M.08.83 Enhancements Release M.08.84 Enhancements Release M.08.85 through M.08.88 Enhancements Release M.08.89 Enhancements Page Page Page Page Page Page Using SNMP To View and Configure Switch Authentication Features Page Page Releases M.08.90 and M.08.91 Enhancements QoS Pass-ThroughMode Page Page Release M.08.94 Enhancements Page UDP Broadcast Forwarding Releases M.08.95 through M.10.01 Enhancements Release M.08.96 Enhancements Releases M.08.97 through M.10.01 Enhancements Release M.10.02 Enhancements RADIUS-AssignedAccess Control Lists (ACLs) Page Page Terminology General Operation The Packet-filteringProcess Page Page Page General Steps Determining Traffic Policies Planning the ACLs Needed To Enforce Traffic Policies Operating Rules for RADIUS-BasedACLs Limits for RADIUS-BasedACLs, Associated ACEs, and Counters Configuring an ACL in a RADIUS Server Page Page Page Configuring the Switch To Support RADIUS-BasedACLs Page Displaying the Current RADIUS-BasedACL Activity on the Switch Page Event Log Messages Causes of Client Deauthentication Immediately After Authenticating SFlow Show Commands Page Release M.10.04 Enhancements Page Page Page Page TCP/UDP Port Closure Page Spanning Tree Show Commands Page Release M.10.05 Enhancements Release M.10.06 Enhancements Release M.10.07 Enhancements Release M.10.08 Enhancements Release M.10.09 Enhancements Page Configuration Considerations Configuring UDLD Page Viewing UDLD Information Page Page Configuration Warnings and Event Log Messages Release M.10.10 Enhancements Spanning Tree Per-PortBPDU Filtering Viewing Status of BPDU Filtering Viewing Configuration of BPDU Filtering Releases M.10.11 through M.10.12 Enhancements Release M.10.13 Enhancements Releases M.10.14 through M.10.16 Enhancements Release M.10.17 Enhancements Terminology Configuring STP BPDU Protection Viewing BPDU Protection Status Release M.10.21 Enhancements Release M.10.22 Enhancements Page Release M.10.23 Enhancements Release M.10.24 Enhancements Release M.10.25 Enhancements Release M.10.26 Enhancements Release M.10.27 Enhancements Page Release M.10.28 Enhancements Release M.10.29 Enhancements Release M.10.30 Enhancements Release M.10.31 Enhancements Release M.10.32 Enhancements Release M.10.33 Enhancements Page Example of Untagged VLAN Assignment in a RADIUS-BasedAuthentication Session Page Page Enabling the Use of GVRP-LearnedDynamic VLANs in Authentication Sessions Release M.10.34 Enhancements Release M.10.35 Enhancements Page Page Page Page Page Release M.10.36 Enhancements Release M.10.37 Enhancements Configuring MSTP Port Connectivity Parameters Page Release M.10.38 Enhancements Send SNMP v2c Informs Release M.10.39 Enhancements RADIUS Server Unavailable Page Page ARP Age Timer Increase Page Release M.10.40 Enhancements Release M.10.41 Enhancements Release M.10.42 Enhancements Release M.10.43 Enhancements Page Page Page Page Potential Issues with Bindings Adding a Static Binding Page Page Release M.10.44 through M.10.64 Enhancements Release M.10.65 Enhancements Page Page Page Release M.10.66 Enhancements Page Page Release M.10.67 Enhancements Release M.10.68 Enhancements Release M.10.69 Enhancements Release M.10.70 Enhancements Release M.10.71 Enhancements Release M.10.72 Enhancements Software Fixes in Release M.08.51 - M.10.72 Release M.08.52 Release M.08.53 (Never Released) Release M.08.54 Release M.08.55 - Release M.08.60 Page Release M.08.62 Release M.08.63 Release M.08.64 Release M.08.65 Release M.08.66 Release M.08.67 Release M.08.68 Release M.08.69 Release M.08.70 Release M.08.71 Release M.08.72 Release M.08.73 Release M.08.74 Release M.08.75 Release M.08.76 Release M.08.77 Release M.08.78 Release M.08.79 Release M.08.80 Release M.08.81 Release M.08.82 Release M.08.83 Release M.08.84 Release M.08.85 Release M.08.86 Release M.08.87 Release M.08.88 Release M.08.89 Release M.08.90 Release M.08.91 Release M.08.92 Release M.08.93 Release M.08.94 Release M.08.95 Release M.08.96 Release M.08.97 Release M.10.01 Release M.10.02 Release M.10.03 Release M.10.04 Release M.10.05 Release M.10.06 Release M.10.07 Release M.10.08 Release M.10.09 Release M.10.10 Release M.10.11 Release M.10.12 Release M.10.13 Release M.10.14 Release M.10.15 Release M.10.16 Release M.10.17 Release M.10.18 - Release M.10.19 Release M.10.20 Release M.10.21 Release M.10.22 Release M.10.23 Release M.10.24 Release M.10.25 Release M.10.26 Release M.10.27 Release M.10.28 Release M.10.29 Release M.10.30 Release M.10.31 Release M.10.32 Release M.10.33 Release M.10.34 Release M.10.35 Release M.10.36 Release M.10.37 Release M.10.38 Release M.10.39 Release M.10.40 Release M.10.41 Release M.10.42 Release M.10.43 Release M.10.44 Release M.10.45 Release M.10.46 Release M.10.47 Release M.10.48 Release M.10.49 Release M.10.50 through M.10.64 Release M.10.65 Release M.10.66 Release M.10.67 Release M.10.68 Release M.10.69 Release M.10.70 Page Release M.10.71 Release M.10.72