UserPorts spoofing and usage
Topic
Hi,
I am new to Alcatel and I am wondering how the qos user-ports shutdown spoof works feature works, i.e. how does the switch get a grip of the suppossed prefix?Also does this protect against arp cache poisoning?
Secondly, what would you guys see as a ‘User’ point of view the switch? Servers and clients or would you typically only mark ports leading to a desktop / workstation / phone as an UserPort?
Thanks,
Frank.
Answers
citytalon
Hi thanjavuru,
thanks for your time and answer but it is not quite what I was looking for. The manual says about the spoof feature:
" Detects IP spoofing. The source IP address of a packet ingressing on a user port is compared to the subnet of the VLAN for the user port; the packet is dropped if these two items do not match. Also applies to ARP packets " AOS 8.5 R02 CLI Reference Guide page 35-16
So how does the switch know which network belongs to a given VLAN?
Thanks, Frank.
thanjavuru
Spoof works for IP spoofing (Source address) and ARP traffic.
We need to select the ports that will be user-ports by creating a "UserPorts" group.
For example, the policy port group UserPorts 1/1/1-24.
Note: UserPorts is a keyword.
The user port group will be selected based on the need.
In General, I have used on access ports where users are connected to ensure no user connects his own DHCP-Server or Switch as below.
For Example, QoS is below to shutdown when we receive(Ingress) DHCPOFFER or BPDU on the user ports.
Policy port group UserPorts 1/1/24
QoS user-ports shutdown dhcp-server bpdu
QoS apply
For more details, you can refer to the Network configuration guide -topic configuring QoS.