do network management for a period of time, before eventually adopted in switch or firewall MAC and IP binding, if binding and network equipment do not match, so the computer can't get to the Internet, this method is to use, the disadvantage is that according to the condition of topology, computer and computer communications shall not be affected at local scope, if the access layer switches support binding, you can completely limit,

I didn't do it a firewall, a little curious about how to get to the client firewall of MAC, packets after middleware MAC are changed

CodePudding user response:

refer to the second floor of mushrooms meow meow response:

Quote: refer to 1st floor Iforgetmyid response:

cisco should also support the arp binding,

client pick up under the Oring, can't do at the distribution layer arp

Your gateway on convergence switch 3, he can't surf the Internet at least three, if you want to reach the purpose of you completely, only in access layer switches,

CodePudding user response:

Very good method, support

CodePudding user response:

To learn, is very interested in this aspect,

CodePudding user response:

I was thinking, want to ask if there is no other way to is I don't know the

CodePudding user response:

reference 5 floor Iforgetmyid reply:

Quote: refer to the second floor mushroom meow meow response:

Quote: refer to 1st floor Iforgetmyid response:

cisco should also support the arp binding,

client pick up under the Oring, can't do at the distribution layer arp

Your gateway on convergence switch 3, he can't surf the Internet at least three, if you want to reach the purpose of you completely, only in access layer switches,

I was thinking, just want to ask is there any way I don't know what is

CodePudding user response:

You embarrassed, questions in distribution and gathering a concept, should be distributed and core

CodePudding user response:

DHCP snooping + + IPSG DAI