Huawei H3C Access Switch port binding basic configuration

H3C access switches, such as E126, configure Port bindings, restrict access to authorized users only, configure the following steps:

1, into the interface configuration mode

int e 1/0/24

2. Am User-bindi Port Binding command
Bind MAC address and IP address am user-bind mac-addr mac-address
The AM user-bind command is used to bind the user's MAC address and IP address to the specified port.
Undo am User-bind
The command is used to cancel the binding of the MAC address and IP address to the specified port.
When a binding operation is made, the switch only issues the user with the specified MAC address and IP address received from the port
Message is forwarded.
By default, the user's MAC address and IP address are not bound to the specified port

Method:

(1) The binding method of only one computer under 1 ports

If the IP address is 10.100.10.2, and the MAC address is 00-1a-4d-1e-39-2d computer is connected to the G1/0/2 port of the switch, the following configuration can be done:

Interface Gigabitethernet 1/0/2 first into port 2nd.

User-bind ip-addr 10.100.10.2 mac-addr 001a-4d1e-392d bound IP and Mac

(2) 1 port next to a small switch binding mode

such as: 1th ports under a 8-port access to a small switch, the switch has 3 computers, 3 computer IP and Mac as follows

1 Computer's ip:10.100.11.2 mac:00-1a-4d-1e-39-81
2 computer's ip:10.100.11.3 mac:00-1a-4d-1e-39-8e
3 computer's ip:10.100.11.4 mac:00-1a-4d-1e-39-8f

So these three computers need to be bundled, can be configured as follows:

Interface Gigabitethernet 1/0/1 first into Port 1.

User-bind mac-addr 001a-4d1e-3981 ip-addr 10.100.11.2
User-bind mac-addr 001a-4d1e-398e ip-addr 10.100.11.3
User-bind mac-addr 001a-4d1e-398f ip-addr 10.100.11.4

(3) If there is no equipment under the port, then when the new access to a terminal, there is no Ip+mac address restrictions, there may be normal access to the Internet, it is also necessary to turn off the MAC address on these idle ports automatically learning functions, commands are as follows:

Interface Gigabitethernet 1/0/20 first into the free port 20th

Mac-address mac-learning disable turn off the MAC address of this port learning function

Basic Configuration

1, Port +mac
A) AM command
Use the Special am user-bind command to complete the binding between the MAC address and the port. For example:
[Switcha]am user-bind mac-address 00e0-fc22-f8d3 interface Ethernet 0/1

Configuration Note: Because the port parameter is used, the port is the reference object, that is, the port E0/1 only allow PC1 to surf the internet, while PCs using other unbound MAC addresses will not be able to surf the Internet. However, PC1 uses this MAC address to surf the internet on other ports.

b) mac-address command
Use the mac-address static command to complete the binding between the MAC address and the port. For example:
[switcha]mac-address static 00E0-FC22-F8D3 interface Ethernet 0/1 VLAN 1
[switcha]mac-address Max-mac-count 0

Configuration Description: Because the use of the port learning function, the static binding Mac, you need to set the port Mac learning number is 0, so that the other PC access to the port after its MAC address can not be learned.

2,ip+mac

A) AM command
Use the Special am user-bind command to complete the binding between the IP address and the MAC address. For example:
[Switcha]am user-bind ip-address 10.1.1.2 mac-address 00e0-fc22-f8d3

Configuration Description: The above configuration completes to the PC IP address and the MAC address global binding, namely with the binding IP address or the MAC address different PC machine, in any port can not access the Internet.

Support model: s3026e/ef/c/g/t, S3026C-PWR, e026/e026t, s3050c, E050, S3526e/c/ef, s5012t/g, s5024g

b) ARP command
Use the special arp static command to complete the binding between the IP address and the MAC address. For example:
[Switcha]arp Static 10.1.1.2 00e0-fc22-f8d3

Configuration Description: The above configuration completes the global binding of the PC's IP address and MAC address.

3, Port +ip+mac

Use the Special am user-bind command to complete the binding between IP, MAC address and port. For example:
[Switcha]am user-bind ip-address 10.1.1.2 mac-address 00e0-fc22-f8d3 interface Ethernet 0/1

Configuration Description: Can complete the PC1 IP address, MAC address and port E0/1 between the binding function. Because the port parameter is used, the port is the reference object, that is, the port E0/1 only allow PC1 Internet access, while the use of other unbound IP address, MAC address of the PC can not access the Internet. However, PC1 uses this IP address and MAC address to surf the internet on other ports.

Support model: S3026E/S3026E-FM/S3026-FS;S3026G;S3026C;S3026C-PWR;E3026;E050;S3526E/C; s3526e-fm/fs; S5012t/g, s5024g, S3900, S5600, S6500 (3 generation engine)