Skip to end of metadata
Go to start of metadata

You are viewing an old version of this page. View the current version.

Compare with Current View Page History

« Previous Version 5 Next »


Configure port security features, including MAC limiting,

dynamic ARP inspection, whether interfaces can receive DHCP responses, DHCP snooping, IP source guard, DHCP option 82, MAC move limiting, and FIP snooping.


MAC Spoofing/ Flooding
Mac learning limit

set switch-options Finance-users interface-mac-limit 2

set switch-options Finance-users interface-mac-limit 2 packet-action shutdown

or

set switch-options Finance-users interface-mac-limit 2 packet-action drop-and-log

drop any pack from new mac address

or @ VLAN Level

set vlans IT-Ops switch-options Finance-users interface-mac-limit 2 packet-action drop-and-log

Mac Move Limit
Persistent Learning


Rogue DHCP Server
DHCP Snooping


ARP poisoning / Spoofing
Dynamic ARP Inspection


  • No labels