Текст страницы
Data from the pc1, by inter0/1 pvid VLAN10 encapsulation VLAN10 labeled into switches, switch
found system e0/2 allows 10 data through the VLAN, so the data is forwarded to the system e0/2,
because the system e0/2 VLAN is untagged 10, then switches at this time to remove packet VLAN10
tag, in the form of ordinary package sent to pc2, pc1 - > pc2 is VLAN10 walking at this time.
Again to analyze pc2 gave pc1 package process, data from the pc2, by inter0/2 pvid VLAN20
encapsulation VLAN20 labeled into switch, switch found system e0/1 allows VLAN by 20 data, so the
data is forwarded to the system e0/1, because the system e0/1 on the VLAN is untagged 20, then
switches remove packets on VLAN20 tag at this time, in the form of ordinary package sent to pc1,
pc2 at this time - > pc1 is VLAN 20.
Fault/Safety
In the navigation bar, select Fault/safety, you can set Anti attack, Channel detection and ACL
configuration.
Fault/safety
4.4.1 Anti-attack
4.4.1.1 DHCP
In the navigation bar, select Fault/safety > Anti attack > DHCP. Open the DHCP anti-attack function,
intercepting counterfeit DHCP server and address depletion attack packets ban DHCP server. The
following picture:
DHCP
[Instructions]
DHCP trusted port configuration, select the port as a trusted port. Prohibit DHCP for address, select
the port and save, you can disable this feature for the port.
Open DHCP attack prevention function, need to set the DHCP protective vlan simultaneously, other
functions to take effect.
Switch Configuration 27