UserPorts spoofing and usage

Topic

Hi,

I am new to Alcatel and I am wondering how the qos user-ports shutdown spoof feature works, i.e. how does the switch get a grip of the supposed prefix? Also, does this protect against ARP cache poisoning?

Secondly, what would you guys see as a ‘User’ from the switch's point of view? Servers and clients, or would you typically only mark ports leading to a desktop / workstation / phone as a UserPort?

Thanks,

Frank.

Date
05.11.2020
answers
2
views
0
Author
Asked by citytalon

Answers

Hi thanjavuru,

thanks for your time and answer but it is not quite what I was looking for. The manual says about the spoof feature:

"Detects IP spoofing. The source IP address of a packet ingressing on a user port is compared to the subnet of the VLAN for the user port; the packet is dropped if these two items do not match. Also applies to ARP packets" (AOS 8.5 R02 CLI Reference Guide, page 35-16)

So how does the switch know which network belongs to a given VLAN?

Thanks, Frank.

Date
05.11.2020
Author
Asked by citytalon
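
The comparison quoted from the manual above, modelled as an added Python sketch (not part of the original thread and not the switch's implementation). The `PORT_VLAN` and `VLAN_SUBNET` tables, all addresses and the frames are constructed assumptions; the page does not say where the switch takes the VLAN subnet from.

```python
import ipaddress
import struct

# Hypothetical tables for this sketch (the page does not say where the
# switch takes the VLAN subnet from): user port -> VLAN, VLAN -> subnet.
PORT_VLAN = {"1/1/24": 10}
VLAN_SUBNET = {10: ipaddress.ip_network("192.168.10.0/24")}
ETH_IPV4, ETH_ARP = 0x0800, 0x0806
MAC = bytes.fromhex("02aabbccdd01")  # constructed, locally administered

def checked_address(frame: bytes):
    """Address the comparison uses: IPv4 source or ARP sender IP, else None."""
    if len(frame) < 14:
        return None
    ethertype = struct.unpack("!H", frame[12:14])[0]
    body = frame[14:]
    if ethertype == ETH_IPV4 and len(body) >= 20:
        return ipaddress.ip_address(body[12:16])   # IPv4 source address
    if ethertype == ETH_ARP and len(body) >= 28:
        return ipaddress.ip_address(body[14:18])   # ARP sender protocol address
    return None

def spoof_verdict(port: str, frame: bytes) -> str:
    """Return 'forward' or 'drop' using only the comparison the manual quotes."""
    subnet = VLAN_SUBNET.get(PORT_VLAN.get(port))
    addr = checked_address(frame)
    if subnet is None or addr is None:
        return "forward"  # not a user port in this model, or not IPv4/ARP
    return "forward" if addr in subnet else "drop"

def ipv4_frame(src: str) -> bytes:
    """Constructed Ethernet + minimal IPv4 header (checksum left at zero)."""
    hdr = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 20, 0, 0, 64, 17, 0,
                      ipaddress.ip_address(src).packed, bytes(4))
    return b"\xff" * 6 + MAC + struct.pack("!H", ETH_IPV4) + hdr

def arp_frame(sender_ip: str) -> bytes:
    """Constructed Ethernet + ARP reply carrying sender_ip as sender address."""
    arp = struct.pack("!HHBBH6s4s6s4s", 1, ETH_IPV4, 6, 4, 2, MAC,
                      ipaddress.ip_address(sender_ip).packed, b"\xff" * 6, bytes(4))
    return b"\xff" * 6 + MAC + struct.pack("!H", ETH_ARP) + arp

if __name__ == "__main__":
    for name, frame in [("IPv4 192.168.10.50", ipv4_frame("192.168.10.50")),
                        ("IPv4 10.0.0.5", ipv4_frame("10.0.0.5")),
                        ("ARP 172.16.0.9", arp_frame("172.16.0.9")),
                        ("ARP 192.168.10.1", arp_frame("192.168.10.1"))]:
        print(name, "->", spoof_verdict("1/1/24", frame))
```

An ARP packet whose sender address lies inside the VLAN subnet matches the quoted comparison, so this model forwards it; the comparison alone does not check which host owns that address.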

Spoof works for IP spoofing (Source address) and ARP traffic.

We need to select the ports that will be user-ports by creating a "UserPorts" group.

For example: policy port group UserPorts 1/1/1-24

Note: UserPorts is a keyword.

The user port group will be selected based on the need.

In general, I have used it on access ports where users are connected, to ensure no user connects his own DHCP server or switch, as below.

For example, the QoS configuration below shuts the port down when we receive (ingress) a DHCPOFFER or BPDU on the user ports.

policy port group UserPorts 1/1/24

qos user-ports shutdown dhcp-server bpdu

qos apply

For more details, you can refer to the Network Configuration Guide, topic "Configuring QoS".

Date
05.11.2020
Author
Asked by thanjavuru