05-14-2012 02:33 AM - edited 03-07-2019 06:41 AM
hi,
we have 6509 switch configured with several vlans (Data,voice etc) as back bone connected with edge switches. the users who are connecting to perticular vlan will get ip address from Linux server which is working as a dhcp server. we have some exculded ranges of ip address in the dhcp server as well. now we are planning in a way that the user who are having dynamic IP address only allowed to connect our network. the user who is having static ip address should not connect to our network. even the ip address is related to same vlan he should not connect. can anyone help on this issue .how can we configure our switches to implement this task.
thanks in advance.
sharfuddin
05-14-2012 02:55 AM
Hi,
the feature you are looking for is DHCP snooping + IP Source guard but I took a look at 6500 configuration guide and didn't find this feature. Maybe you can implement it on access switches depending upon model and image installed.
Regards.
Alain
05-14-2012 05:41 AM
Also You have to make sure as well to add static binding entries for those internetworking devices that have static mac address to avoid dropping traffic received from any of them by ip source guard.
Switch(config)# ip source binding mac-address vlan vlan-id ip-address interface
type mod/num
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide