Brocade Communications Systems 6910 Switch User Manual


 
Brocade 6910 Ethernet Access Switch MIB Reference
53-1002582-01
IP Source Guard
IP Source Guard is a security feature that restricts IP traffic on untrusted ports. IP Source Guard
filters traffic based on the DHCP snooping binding database or the manually configured IP source
bindings.
When IP Source Guard is first enabled, only DHCP packets are allowed and all IP traffic is blocked.
When the system learns a valid IP address, IP Source Guard then allows IP traffic. Only the traffic
with valid source IP addresses is permitted.
SNMP IP Source Guard MIB objects manage information for the configuration of the IP Source
Guard feature. There are three tables for IP Source Guard:
fdryIpSrcGuardIfConfigTable - enables or disables IP Source Guard on each physical interface.
fdryIpSrcGuardPortVlanConfigTable - enables or disables IP Source Guard on a port on a VLAN. (Not provided by this switch.)
fdryIpSrcGuardBindTable - provides the IP addresses used for IP Source Guard purposes at each physical interface, with or without specific VLAN memberships. (To be provided at a later date.)
IP Source Guard Interface configuration table
| Name, Identifier, and Syntax | Access | Description |
|---|---|---|
| fdryIpSrcGuardIfConfigTable, brcdIp.1.1.3.37.1.1 | N/A | This table enables or disables IP Source Guard on each physical interface. |
| fdryIpSrcGuardIfConfigEntry, brcdIp.1.1.3.37.1.1.1 | N/A | A row indicates if IP Source Guard is enabled or disabled on each physical interface. It is indexed by ifIndex. |
| fdryIpSrcGuardIfEnable, brcdIp.1.1.3.37.1.1.1.1, Syntax: TruthValue | Read-write | This object indicates whether IP Source Guard is enabled on this interface. If this object is set to “true”, IP Source Guard is enabled. Traffic coming to this interface will be forwarded if it is from the list of IP addresses obtained from DHCP snooping. Otherwise it is denied. If this object is set to “false”, IP Source Guard is disabled. |
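
The following is an added example, not part of the Brocade manual: a Python audit that reads numeric-OID walk output for fdryIpSrcGuardIfEnable and reports untrusted ports where IP Source Guard is disabled or has no row. It assumes brcdIp resolves to the enterprise arc 1.3.6.1.4.1.1991; the sample output and the port policy are constructed for illustration.

```python
import re

# Assumption: brcdIp resolves to the Foundry/Brocade enterprise arc below;
# confirm against the MIB files loaded on your management station.
BRCD_IP = "1.3.6.1.4.1.1991"
# fdryIpSrcGuardIfEnable = brcdIp.1.1.3.37.1.1.1.1, indexed by ifIndex.
IF_ENABLE = BRCD_IP + ".1.1.3.37.1.1.1.1"

# Accepts both renderings of the value: "INTEGER: 1" and "INTEGER: true(1)".
ROW = re.compile(r"^\.?" + re.escape(IF_ENABLE)
                 + r"\.(\d+) = INTEGER: (?:\w+\()?(\d+)\)?\s*$")

def parse_walk(text):
    """Return {ifIndex: enabled}. TruthValue encodes true as 1 and false as 2."""
    state = {}
    for line in text.splitlines():
        m = ROW.match(line.strip())
        if not m:
            continue  # other OIDs, blank lines, agent messages
        ifindex, value = int(m.group(1)), int(m.group(2))
        if value not in (1, 2):
            raise ValueError(f"ifIndex {ifindex}: {value} is not a TruthValue")
        state[ifindex] = (value == 1)
    return state

def audit(text, untrusted_ports):
    """Map each unprotected untrusted ifIndex to the reason it was flagged."""
    state = parse_walk(text)
    findings = {}
    for ifindex in sorted(untrusted_ports):
        if ifindex not in state:
            findings[ifindex] = "no row returned"
        elif not state[ifindex]:
            findings[ifindex] = "disabled"
    return findings

# Constructed sample output (not captured from a real switch).
SAMPLE = """\
.1.3.6.1.4.1.1991.1.1.3.37.1.1.1.1.1 = INTEGER: 1
.1.3.6.1.4.1.1991.1.1.3.37.1.1.1.1.2 = INTEGER: false(2)
.1.3.6.1.4.1.1991.1.1.3.37.1.1.1.1.3 = INTEGER: true(1)
.1.3.6.1.4.1.1991.1.1.3.37.1.1.1.1.25 = INTEGER: 2
"""

if __name__ == "__main__":
    # Hypothetical policy: ifIndex 1-4 are untrusted access ports, 25 is an uplink.
    for ifindex, reason in audit(SAMPLE, {1, 2, 3, 4}).items():
        print(f"ifIndex {ifindex}: IP Source Guard {reason}")
```

Because TruthValue uses 2 for false, a check that treats any non-zero value as enabled would report every port as protected.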