Filter
Top Products
Dynamic Host Configuration Protocol | 329
IP Source Address Validation validates the IP source address of an incoming packet against the DHCP
Snooping binding table. IP+MAC Source Address Validation ensures that the IP source address and MAC
source address are a legitimate pair, rather validating each attribute individually. IP+MAC Source Address
Validation cannot be configured with IP Source Address Validation.
FTOS creates an ACL entry for each IP+MAC address pair in the binding table and applies it to the
interface.
Step Task Command Syntax Command Mode
1 Allocate at least one FP block to the
ipmacacl CAM region.
cam-acl l2acl
CONFIGURATION
2 Save the running-config to the
startup-config.
copy running-config startup-config
EXEC Privilege
3 Reload the system.
reload
EXEC Privilege
4 Enable IP+MAC Source Address
Validation.
ip dhcp source-address-validation ipmac
INTERFACE
Task Command Syntax Command Mode
Display the IP+MAC ACL for an
interface for for the entire system.
show ip dhcp snooping source-address-validation
[interface]
EXEC Privilege