Friday, January 13, 2017

Security Optimization Configuration of display security bind ip(distributing-mode)

Function

This command is used to query the dynamic binding information about IP addresses after anti-IP spoofing is enabled. To know the binding status of the current device IP address and the user, run this command.

Format

display security bind ip [ frameid/slotid | frameid/slotid/portid [ ontid ] | number ]
display security bind ip service-port service-portid

Parameters

Parameter Description Value
frameid/slotid Indicates the subrack ID and slot ID. Enter a slash (/) between the subrack and slot IDs. To query the information about IP addresses bound to a specified board, use this parameter. Please see Differences Between Shelves.
frameid/slotid/portid Indicates the subrack ID, slot ID, and port ID. Enter a slash (/) between the subrack, slot, and port IDs. To query the information about IP addresses bound to a specified port, use this parameter. Please see Differences Between Shelves.
ontid Indicates the ONT ID. To query the dynamic binding information about IP addresses for a specified ONT, use this parameter. Numeral type. Range: varies with the board type.
service-port service-portid Indicates the service port ID. To query the dynamic binding information about IP addresses for a service port, use this parameter. When querying the current dynamic binding information about IP addresses based on service port ID, ensure that the service port exists.
Numeral type,Range:
  • SCUK/SCUL/SCUN:0-32767.
  • SCUB/SCUF:0-16383.
  • SCUH/SCUV:0-131071.
  • MCUD/MCUD1/MCUE:0-20479.
number Only to query the total number of dynamic binding IP addresses, use this parameter. -

Modes

Privilege mode

Level

Common user level

Usage Guidelines

  • You can query the dynamic binding information about IP addresses only after anti-IP spoofing is enabled by running the security anti-ipspoofing command.
  • If you do not enter any parameters, the system displays the dynamic binding information about all IP addresses in the system.

Example

To query the dynamic binding information about all IP addresses in the system, do as follows:
huawei#display security bind ip
  ----------------------------------------------------
  FlowID  BundleID   F/ S/ P   ONT-ID  IP-Address
  ----------------------------------------------------
  10      -          0/ 3/ 0   -       10.10.10.13
  10      -          0/ 3/ 0   -       10.10.10.14
  10      -          0/ 3/ 0   -       10.10.10.15
  ----------------------------------------------------
  Total: 3
In the ADSL access service, to query the dynamic binding information about IP addresses on service port 10, do as follows:
huawei#display security bind ip service-port 10
  ----------------------------------------
  FlowID                 : 10
  BundleID               : -
  VLAN ID                : 1
  F/S/P                  : 0/3/1
  VPI                    : auto
  VCI                    : auto
  ----------------------------------------
  IP-Address             : 10.10.10.13
  User MAC               : 00E0-FC00-0001
  Lease Time             : 019:47:00
  Allocated Lease Time   : 024:00:00
  Subnet Mask            : 255.255.255.0
  Gateway IP-Address     : 10.10.10.100
  DHCP Server IP-Address : 1.1.1.1
  ----------------------------------------
  IP-Address             : 10.10.10.14
  User MAC               : 00E0-FC00-0002
  Lease Time             : 019:47:00
  Allocated Lease Time   : 024:00:00
  Subnet Mask            : 255.255.255.0
  Gateway IP-Address     : 10.10.10.100
  DHCP Server IP-Address : 1.1.1.1
  ----------------------------------------
  IP-Address             : 10.10.10.15
  User MAC               : 00E0-FC00-0003
  Lease Time             : 019:47:00
  Allocated Lease Time   : 024:00:00
  Subnet Mask            : 255.255.255.0
  Gateway IP-Address     : 10.10.10.100
  DHCP Server IP-Address : 1.1.1.1
  ----------------------------------------
  Total: 3
In the GPON access service, to query the dynamic binding information about IP addresses on service port 6, do as follows:
huawei#display security bind ip service-port 6
  ----------------------------------------
  FlowID                 : 6
  BundleID               : -
  VLAN ID                : 1
  F/S/P                  : 0/4/0
  GEM Port ID            : 128
  ----------------------------------------
  IP-Address             : 10.10.10.16
  User MAC               : 00E0-FC00-0004
  Lease Time             : 019:57:00
  Allocated Lease Time   : 024:00:00
  Subnet Mask            : 255.255.255.0
  Gateway IP-Address     : 11.11.11.10
  DHCP Server IP-Address : 5.5.5.5
  ----------------------------------------
  IP-Address             : 10.10.10.17
  User MAC               : 00E0-FC00-0005
  Lease Time             : 019:57:00
  Allocated Lease Time   : 024:00:00
  Subnet Mask            : 255.255.255.0
  Gateway IP-Address     : 11.11.11.10
  DHCP Server IP-Address : 5.5.5.5
  ----------------------------------------
  Total: 2
To query the total number of dynamic binding IP addresses in the system, do as follows:
huawei#display security bind ip number
  Number of bound IP entries: 2
Posted by at
Labels: , ,

No comments:

Post a Comment

Subscribe to: Post Comments (Atom)