Same IP Address Issue on network

sanjeev_mahad · ‎12-07-2015

Hi Friends,

I have Cisco 6500 core switch having several VLAN's. We have created user VLAN - 10 having IP 10.10.10.1/24.

Now one of literate user changing IP address statically on his Laptop same as gateway IP address 10.10.101/24 and silently putting in to the network intentionally.

because of this my all network failing to get an IP address from DHCP and showing yellow escalation mark.

Pls. assist so switch port can be blocked from duplicate IP addressing.

Regards

Sanjeev

Seb Rupik · ‎12-08-2015

Hi Sanjeev,

Take a look at IP Source Guard. It will block host switchports which attempt to use an IP address that has not been issued via a trusted DHCP source:

http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst6500/ios/12-2SX/configuration/guide/book/ipsrcgrd.html

cheers,

Seb.

sanjeev_mahad · ‎12-08-2015

Thanks Guys,

let me check.

Regards

Sanjeev

Ganesh Hariharan · ‎12-08-2015

Hello Sanjeev,

IPSG with DHCP snooping would be benficial for your problem.As it is a security feature that restricts IP traffic on nonrouted, Layer 2 interfaces by filtering traffic based on the DHCP snooping binding database and on manually configured IP source bindings. You can use IP source guard to prevent traffic attacks if a host tries to use the IP address of its neighbor.

After IPSG is enabled on an interface, the switch blocks all IP traffic received on the interface except for DHCP packets allowed by DHCP snooping. A port access control list (ACL) is applied to the interface. The port ACL allows only IP traffic with a source IP address in the IP source binding table and denies all other traffic.

Hope it Helps..

-GI