The ip source check user-bind check-item command configures IP packet check items in a VLAN.
The undo ip source check user-bind check-item command restores the default IP packet check items in a VLAN.
By default, the check items contain the IP address, MAC address, VLAN and interface information.
ip source check user-bind check-item { ip-address | mac-address | interface } *
undo ip source check user-bind check-item
| Parameter | Description | Value |
|---|---|---|
| ip-address | Checks whether the IP address of an IP packet matches a binding entry. | - |
| mac-address | Checks whether the MAC address of an IP packet matches a binding entry. | - |
| interface | Checks whether interface information of an IP packet matches a binding entry. | - |
Usage Scenario
When you check an IP packet against the binding table, run the ip source check user-bind check-item (VLAN view) command to configure IP packet check items in a specified VLAN. When the device receives an IP packet, it checks the items against the binding table. Only packets that match the binding entries can be forwarded; otherwise, packets are discarded. The optional check items of an IP packet contain the source IP address, source MAC address, and interface information. VLAN information is a mandatory check item.
Prerequisites
IP packet check has been enabled using the ip source check user-bind enable command in the VLAN view.
Precautions
When a large number of binding entries exist, it may take a long time to check IP packets, reducing forwarding efficiency.
This command is valid only for dynamic binding entries. The device checks the received packets against entries in the static binding table.