Alcatel-Lucent ls 6248 User Guide

Configuring the Switch

184

3

• Remove — Removes the entry. The possible field values are: 

• Checked — Removes the selected entry. 

• Unchecked — Maintains the current entry information. 

Web – Click Security, DHCP Snooping, ARP Inspection, VLAN Settings. Define the 
fields and click Apply.

IP Source Guard is a security feature that restricts the client IP traffic to those source 
IP addresses configured in the binding. IP traffic restrictions are applied according to 
definitions in both the DHCP Snooping Binding Database and in manually 
configured IP source bindings. For example, IP Source Guard can help prevent 
traffic attacks caused when a host tries to use the IP address of its neighbor.
Notes: 1.

IP Source Guard must be enabled globally in the IP Source Guard Properties 
Page before it can be enabled on the device interfaces.

IP Source Guard uses Ternary Content Addressable Memory (TCAM) 
resources, requiring use of 1 TCAM rule per 1 IP Source Guard address 
entry. If the number of IP Source Guard entries exceeds the number of 
available TCAM rules, new IP source guard addresses remain inactive.

IP Source Guard can be enabled only on DHCP Snooping untrusted 
interfaces.

IP Source Guard cannot be configured on routed ports.

If IP Source Guard and MAC address filtering is enabled on a port, Port 
Security cannot be activated on the same port.