Shulou(Shulou.com)06/01 Report--

There are two main factors to consider when configuring IP-mac binding on a switch:

Does the switch enable DHCP service?

Do you use port binding or ARP binding?

Port binding or ARP binding only enforces the correspondence of IP-MAC. However, for clients that automatically obtain IP addresses, a fixed IP needs to be allocated on the DHCP server; otherwise, when the client reacquires the IP, it will not be able to connect to the network. Therefore, a perfect IP-MAC binding scheme should consider not only the static address allocation of DHCP, but also the actual binding implementation of IP-MAC. For layer 3 switches, there are two situations:

1. Layer 3 switch acts as DHCP server

Take Huawei's S5700 as an example, if you have already enabled the DHCP service, you need to bind both DHCP and ARP. The specific commands are as follows:

1.1) DHCP assigns static IP

Int vlanif 50

Dhcp server static-bind ip-address 192.168.50.100 mac-address 1234-1234-1234

1.2) ARP binding

User-bind static ip-address 192.168.50.100 mac-address 1234-1234-1234

After this configuration, the MAC address can get the specified IP every time, and only the specified IP address can be connected to the network. Configuring IP-MAC binding on layer 3 switches is relatively complex to configure and maintain. In fact, there is another way is to enable the DHCP to each VLAN at the gateway. Perform IP-MAC binding directly on the gateway. Please read on:

two。 Layer 3 switch does not act as DHCP server

To put it simply, it is to enable the DHCP service for each VLAN on the gateway, and then set the upper interface of the layer 3 switch to the trunk port. The gateway assigns IP addresses and bindings. Take cisco 3750 as an example, the specific steps are as follows:

2.1Configuring that the uplink port of the switch is trunk port

# interface FastEthernet0/1

# switchport trunk encapsulation dot1q

# switchport mode trunk

Set Port 1 as the uplink port to connect to the upper router gateway device.

2.2) VLAN configuration

# interface Vlan 2

# ip address 192.168.20.2 255.255.255.0

Modify the VLAN parameter to set the IP of switch VLAN to 192.168.20.2192.168.20.1 to reserve for the gateway.

2.3) enable DHCP for VLAN and VLAN on WSG gateways

The IP address of the gateway's VLAN interface is set to 192.168.20.1, the DHCP range is set, and DHCP is enabled. After the above configuration, the clients of each VLAN can obtain the automatically assigned IP address through the trunk port, and then combine the IP-mac binding function of the WSG gateway to realize the binding.

2.4) enable IP-MAC binding

Although the layer 3 switch is powerful, its configuration and maintenance are complex, so we must be careful to modify the configuration.

Welcome to subscribe "Shulou Technology Information " to get latest news, interesting things and hot topics in the IT industry, and controls the hottest and latest Internet news, technology news and IT industry trends.