How do layer three switches set IP-MAC bindings? Cross-network segment IP-MAC binding scheme.

There are two main factors to consider when configuring IP-MAC bindings on a switch:

1. Does the switch turn on DHCP service?

2. are port bindings or ARP bindings used?

Port binding, or ARP binding, only enforces the correspondence of the Ip-mac. However, for clients that obtain an IP address automatically, it is also necessary to assign a fixed IP to the DHCP server, otherwise the client will not be able to network after the IP is re-acquired. Therefore, a perfect IP-MAC binding scheme should consider the static address assignment of DHCP, and consider the actual binding implementation of IP-MAC. There are two scenarios for layer three switches:

1. Layer three switch as a DHCP server

In the case of Huawei's S5700, if the DHCP service is already turned on, the binding of DHCP is required, and the binding of ARP is required. The specific commands are as follows:

1.1) DHCP assignment static IP

int vlanif 50

DHCP server static-bind ip-address 192.168.50.100 mac-address 1234-1234-1234

1.2) ARP Binding

User-bind static ip-address 192.168.50.100 mac-address 1234-1234-1234

With this configuration, the MAC address can be acquired to the specified IP every time, and only the specified IP address can be networked. Configuring IP-MAC bindings on layer three switches is relatively complex to configure and maintain. In fact, there is a way to enable DHCP on the gateway to each VLAN. Ip-mac bindings are made directly on the gateway. Please continue reading:

2. Three layer switch does not do DHCP server

Simply put, the DHCP service on each VLAN is enabled on the gateway, and the port of the three-layer switch is set to the trunk port. The IP address and bindings are assigned by the gateway. For the Cisco 3750 example, the steps are as follows:

2.1) Configure the switch with the port as trunk port

#interface FASTETHERNET0/1

#switchport Trunk Encapsulation dot1q

#switchport Mode Trunk

Set the port number 1th to the top of the router gateway device.

2.2) VLAN Configuration

#Interface Vlan 2

#ip Address 192.168.20.2 255.255.255.0

Modify the VLAN parameters to set the IP of the switch VLAN to 192.168.20.2,192.168.20.1 reserved for the gateway.

2.3) DHCP with VLAN and VLAN enabled on WSG Gateway

650) this.width=650; "Src=" Http://www.imfirewall.com/blog/zb_users/upload/2017/06/201706231498204647476469.png " Style= "width:900px;" title= "201706231498204647476469.png" alt= "201706231498204647476469.png" width= "vspace=" 0 "border=" 0 "/>

650) this.width=650; "Src=" Http://www.imfirewall.com/blog/zb_users/upload/2017/06/201706231498204647112447.png " Style= "width:900px;" title= "201706231498204647112447.png" alt= "201706231498204647112447.png" width= "vspace=" 0 "border=" 0 "/>

The IP address of the gateway's VLAN interface is set to 192.168.20.1, set the DHCP scope, and enable DHCP. After the above configuration, the client of each VLAN can obtain the automatically assigned IP address through the trunk port, and then combine the IP-MAC binding function of the WSG gateway to implement the binding.

2.4) Enable IP-MAC binding

650) this.width=650; "Src=" Http://www.imfirewall.com/blog/zb_users/upload/2017/06/201706231498205681112590.png " Style= "width:900px;" title= "201706231498205681112590.png" alt= "201706231498205681112590.png" width= "vspace=" 0 "border=" 0 "/>

650) this.width=650; "Src=" Http://www.imfirewall.com/blog/zb_users/upload/2017/06/201706231498205681123224.png " Title= "201706231498205681123224.png" style= "white-space:normal;width:800px;" alt= "201706231498205681123224.png" Width= "vspace=" 0 "border=" 0 "/>

The three-layer switch is powerful, but configuration and maintenance are complex, so modify the configuration with caution.

How do layer three switches set IP-MAC bindings? Cross-network segment IP-MAC binding scheme.