Hà Nội: NTT03, Line 1, Thống Nhất Complex, 82 Nguyễn Tuân, Thanh Xuân, Hà Nội. ● HCM: Số 31B, Đường 1, Phường An Phú, Quận 2 (Thủ Đức), TP HCM. ===> Đơn Vị Hàng Đầu Trong Lĩnh Vực Cung Cấp Thiết Bị Security - Network - Wifi - CCTV - Conference - Máy chủ Server - Lưu trữ Storge.
Logo CNTTShop.vn
KD: 0862 158 859 - 0966 658 525 Purchase: 0906 051 599
Danh mục sản phẩm

Overview IP Source Guard

The IP Source Guard function is one packet filter function and can filter and control the packets forwarded by the port, preventing the invalid packets from passing the port and improving the port security. The function can be divided to two kinds:

The port IP Source Guard function filters the IP packets received by the specified port. The filter mode includes IP, MAC, and IP+MAC. The specific processing modes are as follows:

  • IP mode: If the source IP address and VLAN ID in the packet are the same as the IP address and VLAN ID recorded in the bound entries, the port forwards the packet. Otherwise, drop it.
  • MAC mode: If the source MAC in the packet is the same as the MAC address, VLAN number recorded in the binding table, the port will forward the packet. Otherwise, drop it.
  • IP+MAC mode: If the source IP address, source MAC address, and VLAN ID in the packet are the same as the IP address, MAC address and VLAN ID recorded in the bound entries, the port forwards the packet. Otherwise, drop the packet.

The setting of the filter type takes effect only for the dynamic binding entry, not affecting the static binding entry.

The bound entries of the port IP Source Guard include two kinds:

  • Static bound entries, manual configured port IP Source Guard static bound entries
  • Dynamic bound entries, dynamically generated by the valid entries of the DHCP Snooping function.

Global IP Source Guard function filters the packets received by all ports, including ARP and IP packets. The specific filter modes are as follows:

  • If the source IP address in the IP packet is the same as the IP address in the global IP Source Guard bound entries, but the source MAC address is different, or the source MAC address in the IP packet is the same as the MAC address in the global IP Source Guard bound entries, but the source IP address id different, drop the packet.
  • If the sending IP address in the ARP packet is the same as the IP address in the bound entries, but the source MAC address is different, or the source MAC address in the ARP packet is the same as the MAC address in the bound entries, but the sending IP address is different, drop the packet.

Danh mục sản phẩm

Bộ Phát Wifi
Thiết Bị Chuyển Mạch Switch
Module Quang
Tường Lửa Firewall
Router Cân Bằng Tải
Máy Chủ Server
Phụ Kiện Server
Logo Công Ty TNHH Việt Thái Dương

Công Ty TNHH Công Nghệ Việt Thái Dương

CNTTShop.vn đã đăng ký bộ công thương DMCA.com Protection Status

Văn phòng Hà Nội:

NTT03, Line1, Thống Nhất Complex,
Thanh Xuân, Hà Nội.

Điện thoại:  0962.052.874

Email:  kd2@cnttshop.vn

Văn phòng TPHCM:

Số 31B, Đường 1, Phường An Phú,
Quận 2 (Thủ Đức), TP HCM.

Điện thoại:  0967.415.023

Email:  kd5@cnttshop.vn