![SNR S2989G-24TX-UPS — настройка DHCP Snooping для защиты сети от атак [222/553]](/icons/site-icon-64.png){kind=icon}
SNR S2989G-24TX-UPS — настройка DHCP Snooping для защиты сети от атак [222/553]
Превью страниц
Страница 222 /
553
![SNR S2989G-24TX-UPS [222/553] Dhcp snooping troubleshooting help](/views2/1978540/page222/bgde.png)
S2989G-24TX Operation Manual
Chapter 3 IP services Configuration
3-60
Figure 3-14 Sketch Map of TRUNK
As showed in the above chart, Mac-AA device is the normal user, connected to the
non-trusted port 1/0/1 of the switch. It operates via DHCP Client, IP 1.1.1.5; DHCP Server
and GateWay are connected to the trusted ports 1/0/11 and 1/0/12 of the switch; the
malicious user Mac-BB is connected to the non-trusted port 1/0/10, trying to fake a DHCP
Server(by sending DHCPACK). Setting DHCP Snooping on the switch will effectively
detect and block this kind of network attack.
Configuration sequence is:
switch#
switch#config
switch(config)#ip dhcp snooping enable
switch(config)#interface ethernet 1/0/11
switch(Config-Ethernet1/0/11)#ip dhcp snooping trust
switch(Config-Ethernet1/0/11)#exit
switch(config)#interface ethernet 1/0/12
switch(Config-Ethernet1/0/12)#ip dhcp snooping trust
switch(Config-Ethernet1/0/12)#exit
switch(config)#interface ethernet 1/0/1-10
switch(Config-Port-Range)#ip dhcp snooping action shutdown
switch(Config-Port-Range)#
3.16.4
DHCP Snooping Troubleshooting Help
3.16.4.1 Monitor and Debug Information
The “debug ip dhcp snooping” command can be used to monitor the debug
information.
Содержание
666- Chapter 1 basic management configuration 1 1
- Chapter 2 layer 2 services configuration 2 1
- Content 1
- Content
- Efm oam 2 31
- Uldp 2 11
- Mtu 2 30
- Lldp 2 17
- Vlan 2 58
- Gvrp 2 66
- Port security 2 47
- Lldp med 2 41
- Ddm 2 49
- Vlan 2 76
- Chapter 3 ip services configuration 3 1
- Vlan 2 85
- Vlan 2 80
- Arp 3 16
- Urpf 3 14
- Arp guard 3 26
- Dhcp 3 37
- Arp 3 30
- Configuration 4 1
- Ecmp 4 14
- Chapter 4 routing protocol related
- Bfd 4 19
- Vlan 5 45
- Igmp 5 28
- Configuration 5 25
- Chapter 6 security function configuration 6 1
- Chapter 5 multicast protocol related
- Vlan 6 45
- Tacacs 6 53
- Ssl 6 62
- Radius 6 55
- Vlan acl 6 66
- S 6 96
- S 6 113
- Mab 6 70
- Mstp 7 1
- Chapter 7 reliability configuration 7 1
- Ulsm 7 28
- Ulpp 7 20
- Q 6 121
- Mrpp 7 13
- Erps 7 32
- Chapter 8 debugging and diagnosis configuration
- Copp 8 6
- Vsf 10 1
- Chapter 9 network time management
- Chapter 10 virtualization configuration 10 1
- Sntp 9 1
- Rspan 8 23
- Ntp 9 3
- Configuration 9 1
- Ra 11 35
- Chapter 11 ipv6 configuration 11 1
- 38 11 11
- Savi 11 37
- Management options
- Chapter 1 basic management
- Switch management
- Configuration
- Management via telnet
- In band management
- Management via http
- Software
- Manage the switch via snmp network management
- Cli interface
- User mode
- Configuration modes
- Global mode
- Admin mode
- Shortcut key support
- Configuration syntax
- Returned information success
- Input verification
- Help function
- Basic switch configuration
- Basic configuration
- Telnet management
- Example of ssh server configuration
- Ssh server configuration task list
- Switch ip addresses configuration task list
- Configure switch ip addresses
- Snmp configuration
- Introduction to mib
- Snmp configuration task list
- Snmp configuration
- Introduction to rmon
- Typical snmp configuration examples
- Switch upgrade
- Bootrom upgrade
- Introduction to ftp tftp
- Ftp tftp upgrade
- Ftp tftp configuration task list
- Ftp tftp configuration
- Ftp tftp configuration examples
- Ftp tftp troubleshooting
- Tftp troubleshooting
- Ftp troubleshooting
- Introduction to file storage devices
- File system operation configuration task list
- File system
- Typical applications
- Troubleshooting
- Introduction to cluster network management
- Cluster
- Sequence
- Cluster network management configuration
- Examples of cluster administration
- Cluster administration troubleshooting
- Configuration
- Chapter 2 layer 2 services
- Port configuration
- Network port configuration task list
- Introduction to port
- Port configuration example
- Port troubleshooting
- Task sequence of port isolation
- Port isolation
- Introduction to port isolation function
- Port isolation function typical examples
- Introduction to port loopback detection
- Port loopback detection
- Function
- Task list
- Port loopback detection function configuration
- Port loopback detection function example
- Introduction to uldp function
- Port loopback detection troubleshooting
- Uldp configuration task sequence
- Uldp function typical examples
- Uldp troubleshooting
- Introduction to lldp function
- Lldp function configuration task sequence
- Lldp function typical example
- Lldp function troubleshooting
- Port channel
- Introduction to port channel
- Brief introduction to lacp
- Static lacp aggregation
- Port channel configuration task list
- Dynamic lacp aggregation
- Port channel examples
- Introduction to mtu
- Port channel troubleshooting
- Mtu configuration task sequence
- Introduction to efm oam
- Efm oam
- Efm oam configuration
- Efm oam troubleshooting
- Efm oam example
- Introduction to bpdu tunnel
- Bpdu tunnel
- Bpdu tunnel configuration task list
- Examples of bpdu tunnel
- Lldp med configuration task sequence
- Lldp med
- Introduction to lldp med
- Bpdu tunnel troubleshooting
- Lldp med example
- Introduction to port security
- Port security configuration task list
- Port security
- Lldp med troubleshooting
- Example of port security
- Port security troubleshooting
- Introduction to ddm
- Brief introduction to ddm
- Ddm function
- Ddm configuration task list
- Examples of ddm
- Introduction to vlan
- Ddm troubleshooting
- Vlan configuration task list
- Typical vlan application
- Typical application of hybrid port
- Introduction to gvrp
- Gvrp configuration task list
- Example of gvrp
- Introduction to dot1q tunnel
- Gvrp troubleshooting
- Dot1q tunnel
- Dot1q tunnel configuration
- Typical applications of the dot1q tunnel
- Vlan translation configuration
- Vlan translation
- Introduction to vlan translation
- Dot1q tunnel troubleshooting
- Typical application of vlan translation
- Vlan translation troubleshooting
- Dynamic vlan configuration
- Dynamic vlan
- Introduction to dynamic vlan
- Typical application of the dynamic vlan
- Dynamic vlan troubleshooting
- Voice vlan
- Introduction to voice vlan
- Voice vlan configuration
- Typical applications of the voice vlan
- Voice vlan troubleshooting
- Multi to one vlan translation configuration
- Multi to one vlan translation
- Introduction to multi to one vlan translation
- Typical application of multi to one vlan
- Translation
- Super vlan
- Multi to one vlan translation troubleshooting
- Introduction to super vlan
- Super vlan configuration
- Typical application of super vlan
- Vlan 3 vlan 4
- Super vlan troubleshooting
- Mac table
- Introduction to mac table
- Obtaining mac table
- Forward or filter
- Mac address table configuration task list
- Typical configuration examples
- Mac table troubleshooting
- Mac notification configuration
- Mac notification
- Introduction to mac notification
- Mac notification troubleshooting
- Mac notification example
- Layer 3 interface configuration task list
- Layer 3 interface
- Introduction to layer 3 interface
- Chapter 3 ip services configuration
- Ip configuration
- Introduction to ipv4 ipv6
- Ip configuration
- Ip configuration examples
- Configuration examples of ipv4
- Configuration examples of ipv6
- Ipv6 troubleshooting
- Ip forwarding
- Introduction to ip forwarding
- Ip route aggregation configuration task
- Introduction to urpf
- Urpf configuration task sequence
- Urpf typical example
- Urpf troubleshooting
- Introduction to arp
- Arp configuration task list
- Station movement
- L3 station movement configuration task list
- Introduction to l3 station movement
- Arp troubleshooting
- Introduction to arp scanning prevention
- Function
- Arp scanning prevention
- Sequence
- Arp scanning prevention configuration task
- Arp scanning prevention typical examples
- Arp scanning prevention troubleshooting help
- Overview
- Prevent arp spoofing
- Prevent arp spoofing configuration
- Prevent arp spoofing example
- Introduction to arp guard
- Arp guard
- Introduction to arp local proxy function
- Arp local proxy
- Arp guard configuration task list
- Typical examples of arp local proxy function
- Arp local proxy function configuration task
- Introduction to gratuitous arp
- Gratuitous arp configuration task list
- Gratuitous arp
- Arp local proxy function troubleshooting
- Gratuitous arp configuration example
- Configuration
- Introduction to dynamic arp inspection
- Gratuitous arp troubleshooting
- Dynamic arp inspection configuration task
- Dynamic arp inspection
- Example
- Dynamic arp inspection configuration
- Keepalive gateway configuration task list
- Keepalive gateway
- Introduction to keepalive gateway
- Keepalive gateway example
- Kepalive gteway troubleshooting
- Introduction to dhcp
- Dhcp server configuration
- Dhcp relay configuration
- Dhcp configuration examples
- Dhcp option 82
- Introduction to dhcp option 82
- Dhcp troubleshooting
- Option 82 working mechanism
- Dhcp option 82 message structure
- Dhcp option 82 configuration task list
- Dhcp option 82 application examples
- Introduction to dhcp snooping
- Dhcp snooping
- Dhcp option 82 troubleshooting
- Dhcp snooping configuration task sequence
- Dhcp snooping typical application
- Dhcp snooping troubleshooting help
- Task list
- Introduction to dhcp option 60 and option 43
- Dhcp option 60 and option 43 configuration
- Dhcp option 60 and option 43
- Dhcpv6 option 60 and option 43 example
- Dhcp option 60 and option 43 troubleshooting
- Routing protocol overview
- Configuration
- Chapter 4 routing protocol related
- Routing table
- Ip routing policy
- Ip routing policy configuration task list
- Configuration examples
- Troubleshooting
- Static route
- Introduction to static route
- Introduction to default route
- Static route configuration task list
- Static route configuration examples
- Introduction to black hole routing
- Ipv4 black hole routing
- Ipv4 black hole routing configuration task
- Black hole routing configuration exmaples
- Introduction to ecmp
- Black hole routing troubleshooting
- Ecmp typical example
- Ecmp configuration task list
- Static route implements ecmp
- Ospf implements ecmp
- Ecmp troubleshooting
- Introduction to bfd
- Bfd configuration task list
- Examples of bfd
- Example for linkage of bfd and rip route
- Example for linkage of bfd and vrrp
- Bfd troubleshooting
- Multicast
- Introduction to multicast
- Configuration
- Chapter 5 multicast protocol related
- Multicast address
- Ip multicast packet transmission
- Ip multicast application
- Introduction to igmp
- Igmp configuration task list
- Igmp configuration examples
- Introduction to igmp snooping
- Igmp troubleshooting
- Igmp snooping configuration task list
- Igmp snooping
- Igmp snooping examples
- Igmp proxy
- Introduction to igmp proxy
- Igmp snooping troubleshooting
- Igmp proxy configuration task list
- Igmp proxy examples
- Multicast vlan
- Introductions to multicast vlan
- Igmp proxy troubleshooting
- Multicast vlan configuration task list
- Multicast vlan examples
- Introduction to acl
- Configuration
- Chapter 6 security function
- Acl configuration task list
- Acl example
- Acl troubleshooting
- Introduction to 802 x
- The work mechanism of 802 x
- The encapsulation of eapol messages
- The encapsulation of eap attributes
- The authentication methods of 802 x
- Eap relay mode
- Eap termination mode
- The extension and optimization of 802 x
- The features of vlan allocation
- X configuration task list
- X application example
- Examples of ipv4 radius applications
- Examples of ipv6 radius application
- X troubleshooting
- Port vlan
- Of mac and ip in port vlan
- Introduction to the number limitation function
- The number limitation function of mac and ip in
- The number limitation function of mac and ip in
- Port vlan configuration task sequence
- The number limitation function of mac and ip in
- Port vlan typical examples
- The number limitation function of mac and ip in
- Port vlan troubleshooting help
- Introduction to am function
- Am function configuration task list
- Am function example
- Am function troubleshooting
- Tacacs configuration task list
- Tacacs
- Introduction to tacacs
- Tacacs scenarios typical examples
- Introduction to radius
- Tacacs troubleshooting
- Radius
- Radius configuration task list
- Radius typical examples
- Ipv4 radius example
- Ipv6 radiusexample
- Radius troubleshooting
- Introduction to ssl
- Basic element of ssl
- Ssl configuration task list
- Ssl typical example
- Ssl troubleshooting
- Vlan acl
- Introduction to vlan acl
- Vlan acl configuration task list
- Vlan acl configuration example
- Vlan acl troubleshooting
- Mab configuration task list
- Introduction to mab
- Mab example
- Switch2
- Switch1
- Pppoe intermediate agent
- Mab troubleshooting
- Introduction to pppoe intermediate agent
- Pppoe packet format
- Pppoe intermediate agent exchange process
- Trust port of pppoe intermediate agent
- Pppoe intermediate agent vendor tag frame
- Pppoe intermediate agent configuration task
- Pppoe intermediate agent typical application
- Captive portal authentication
- Pppoe intermediate agent troubleshooting
- Captive portal authentication configuration
- Captive portal authentication configuration
- Captive portal authentication examples
- Accounting function configuration
- Accounting function examples
- Switch1
- Switch
- Accounting function troubleshooting
- Free resource configuration
- Automatic page pushing after successful
- Authentication
- Automatic page pushing after successful
- Authentication example
- Authentication configuration
- Authentication troubleshooting
- Automatic page pushing after successful
- Introduction to qos
- Qos implementation
- Basic qos model
- Prio means to the obtainable int prio in classification flow or int prio set by the unrelated
- Note 2 drop the internal priority of the packets according to intp to intp map source int
- Note 1 int prio will be covered with the after setting set int prio of the specific color
- Figure 6 39 policing and remarking process
- Action with the color
- Action will cover set int prio of the unrelated action with the color
- And dscp value according to pass through cos pass through dscp
- Note 1 the ingress configures pass through cos pass through dscp to forbid the
- Internal priority and then forward the packets according to the priority queue weight and
- Figure 6 40 queuing and scheduling process
- Configure class map
- Algorith
- Value according to the final int prio of the packets decide whether rewrite l2 cos priority
- The drop precedence the following flowchart describes the scheduling operation
- Scheduling operation assigns the packets to different priority queues according to the
- Rewrite of l2 cos priority and dscp value at the egress obtain l2 cos priority and dscp
- Queuing and scheduling there are the internal priority for the egress packets the
- Queue management
- Qos configuration task list
- Qos example
- Qos troubleshooting
- Introduction to flow based redirection
- Flow based redirection
- Sequence
- Flow based redirection configuration task
- Flow based redirection troubleshooting help
- Flow based redirection examples
- Egress qos
- Introduction to egress qos
- Tos cos fields
- Sort packet traffic according to the
- Policy of egress
- Policy
- Packets
- Ingress egress
- Dual color or dual
- Drop different color
- Egress qos configuration
- Set egress cos mapping no
- Configuration
- Command resotores the default
- Egress qos examples
- Flexible qinq
- Egress qos troubleshooting help
- Introduction to flexible qinq
- Flexible qinq configuration task list
- Flexible qinq example
- Flexible qinq troubleshooting
- Introduction to mstp
- Chapter 7 reliability configuration
- Operations within an mstp region
- Operations between mst regions
- Port roles
- Mstp load balance
- Mstp configuration task list
- Mstp example
- Mstp troubleshooting
- Introduction to mrpp
- Mrpp protocol packet types
- Mrpp protocol operation system
- Mrpp configuration task list
- Mrpp typical scenario
- Mrpp troubleshooting
- Introduction to ulpp
- Ulpp configuration task list
- Ulpp typical examples
- Ulpp typical example1
- Ulpp typical example2
- Ulpp troubleshooting
- Introduction to ulsm
- Ulsm configuration task list
- Ulsm typical example
- Ulsm troubleshooting
- Introduction to erps
- Erps terminology
- Erps function
- Fault switchover
- Failure recovery
- Interconnection ring model
- Erps application
- Erps configuration
- Erps examples
- Erps troubleshooting
- Traceroute
- Monitor and debug
- Configuration
- Chapter 8 debugging and diagnosis
- Traceroute6
- Reload switch after specified time
- Reload switch after specifid time task list
- Logging
- Introduce to reload switch after specifid time
- Packets received and sent by cpu
- Introduction to debugging and diagnosis for
- Debugging and diagnosis for packets received
- And sent by cpu task list
- And sent by cpu
- Introduction to copp
- Copp configuration
- Copp configuration examples
- Copp configuration troubleshooting
- Source information format
- Priority
- Timestamp
- The content indicates the specific contents of the
- System information configure sequence
- Instructions
- Logbuffer output log
- Trapbuffer output log
- Loghost output log
- Record user operation commands
- Logfile output log
- Delete logs recorded by logbuffer or trapbuffer
- Erratum
- Mirror configuration task list
- Mirror
- Introduction to mirror
- Mirror examples
- Device mirror troubleshooting
- Introduction to rspan
- Rspan configuration task list
- Typical examples of rspan
- Rspan troubleshooting
- Introduction to sflow
- Sflow configuration task list
- Sflow examples
- Sflow troubleshooting
- Introduction to sntp
- Configuration
- Chapter 9 network time management
- Typical examples of sntp configuration
- Ntp function configuration task list
- Introduction to ntp function
- Typical examples of ntp function
- Ntp function troubleshooting
- Introduction to dns
- Dnsv4 v6
- Dnsv4 v6 configuration task list
- Typical examples of dns
- Dns troubleshooting
- Recorded message to the technical service center of our company
- Summer time configuration task sequence
- Summer time
- Introduction to summer time
- Examples of summer time
- Summer time troubleshooting
- Chapter 10 virtualization configuration
- Basic concept
- Glossary
- Vsf typical application
- Lacp mad
- Bfd mad
- Relevant vsf configuration
- Lacp mad configuration
- Bfd mad configuration
- Typical vsf example
- Vsf troubleshooting
- Introduction to dhcpv6
- Dhcpv6
- Chapter 11 ipv6 configuration
- Dhcpv6 server configuration
- Dhcpv6 relay delegation configuration
- Dhcpv6 prefix delegation server configuration
- Dhcpv6 prefix delegation client configuration
- Dhcpv6 configuration examples
- Introduction to dhcpv6 option37 38
- Dhcpv6 troubleshooting
- Dhcpv6 option37 38
- Dhcpv6 option37 38 configuration task list
- Dhcpv6 option37 38 examples
- Dhcpv6 relay option37 38 example
- Dhcpv6 option37 38 troubleshooting
- Prevent nd spoofing configuration
- Prevent nd spoofing
- Overview
- Prevent nd spoofing example
- Ipv6 black hole routing configuration task
- Ipv6 black hole routing
- Introduction to black hole routing
- Black hole routing configuration exmaples
- Black hole routing troubleshooting
- Ipv6 multicast protocol
- Mld configuration task list
- Mld typical application
- Mld troubleshooting help
- Mld snooping
- Mld snooping examples
- Mld snooping troubleshooting
- Ipv6 security ra configuration task sequence
- Ipv6 security ra
- Introduction to ipv6 security ra
- Ipv6 security ra typical examples
- Ipv6 security ra troubleshooting help
- Savi configuration
- Introduction to savi
- Savi typical application
- Enable
- Switch1 config
- Respectively connect with port ethernet1 0 12 of switch1 and port ethernet1 0 13 of
- Ethernet1 0 2 are uplink ports of switch1 and switch2 respectively enable dhcp trust
- Configuration steps of savi dhcp slaac scene
- Client_1 and client_2 means two different user s pc installed ipv6 protocol
- And nd trust functions aggregation switch3 enables dhcpv6 server function and route
- Advertisement function
- Switch2 and enable the source address check function of savi ethernet1 0 1 and
- Switch1 config savi ipv6 dhcp slaac enable
- Switch1 config savi enable
- Switch1 config savi check binding probe mode
- Switch1 config interface ethernet1 0 1
- Switch1 config if ethernet1 0 1 ipv6 nd snooping trust
- Switch1 config if ethernet1 0 1 ipv6 dhcp snooping trust
- Savi troubleshooting
Похожие устройства
-
SNR S2985G-8T-RPSРуководство по настройке -
SNR S2985G-8T-RPSТехническое Описание -
SNR S2985G-8T-UPSРуководство по настройке
-
SNR S2985G-8T-UPSТехническое Описание
-
SNR S2982G-24TРуководство по настройке -
SNR S2982G-24TТехническое Описание -
SNR SNR-S2985G-8TРуководство по настройке
-
SNR SNR-S2985G-8TТехническое Описание
-
SNR S2985G-24TC-DCРуководство по настройке
-
SNR S2985G-24TC-DCТехническое Описание
-
SNR S2989G-48TX-DCРуководство по Настройке -
SNR S2989G-48TX-DCТехническое Описание
Узнайте, как настроить DHCP Snooping на коммутаторе для защиты от подделки DHCP серверов. Подробная инструкция и команды для эффективной конфигурации.