返回
05实验指导(dhcp欺骗、arp欺骗的防范)

05实验指导(dhcp欺骗、arp欺骗的防范)

ID:34107101

大小:93.49 KB

页数:3页

时间:2019-03-03

05实验指导(dhcp欺骗、arp欺骗的防范)_第1页
05实验指导(dhcp欺骗、arp欺骗的防范)_第2页
05实验指导(dhcp欺骗、arp欺骗的防范)_第3页
资源描述:

《05实验指导(dhcp欺骗、arp欺骗的防范)》由会员上传分享,免费在线阅读,更多相关内容在工程资料-天天文库

1、实验指导(DHCP欺骗、ARP欺骗的防范)一、实验任务VLAN2VLAN310.0.0.X/241、PCI—PC4用R1—R4模拟,关闭到SW3的接口,SWKSW2之间的链路TRUNK2、配置R1为DHCP服务器,分配IP地址:10.0.0.0/243、在SW1和SW2上趾置DHCP欺骗防范4、在SW1和SW2上配置ARP欺骗防范二、实验步骤1、清除交换机的配置(在三台交换机上执行):Switch#erasestartup-configSwitch#deleteflash:vlan・datSwi

2、tch#reload2、防DHCP欺骗:步骤1:预配如下:01•———————————————————interfaceFastEthernetO/13switchporttrunkencapsulationdotlqswitchportmodetrunkinterfaceFastEthernetO/14switchporttrunkencapsulationdotlqswitchportmodetrunkinterfaceFastEthernetO/15shutdownS2:=========

3、===============interfaceFastEthernetO/13switchporttrunkencapsulationdotlqswitchportmodetrunkinterfaceFastEthernetO/14switchporttrunkencapsulationdotlqswitchportmodetrunkinterfaceFastEthernetO/15shutdown步骤2:把R1配置成DHCPServerR1:(DHCPServer)配置IP地址ipdhcpp

4、oolDHCPnetwork10.0.0.0255.255.255.0intf0/0noshutdownipaddress10.0.0.1255.255.255.0步骤3:防DHCP欺骗SW1:ipdhcpsnoopingipdhcpsnoopingvlan1noipdhcpsnoopinginformationoptioninterfacef0/l//接Rl,这是trusted接口switchportmodeaccessipdhcpsnoopingtrustinterfacefO/2//接R2

5、,这是untrusted接口switchportmodeaccessSW2:ipdhcpsnoopingipdhcpsnoopingvian1noipdhcpsnoopinginformationoptioninterfacerangefO/13-14//上连接口ipdhcpsnoopingtrust步骤4:测试R2:(DHCPClient)interfacef0/0noshutdownipaddressdhcpshowipintbriefR3:(DHCPClient)interfacef0/l

6、noshutdownipaddressdhcpshowipintbriefR4:(DHCPClient)interfacef0/lnoshutdownipaddressdhcpshowipintbriefSlttshowipdhcpsnoopingbindingMacAddressIpAddressLease(sec)TypeVLANInterface00:09:B7:FE:46:C010.0.0.486388dhcp-snooping1FastEthernetO/2Totalnumberofb

7、indings:1S2#showipdhcpsnoopingbind3、防ARP欺骗:步骤1:防ARP欺骗SW1:ipdhcpsnoopingipdhcpsnoopingvlan1noipdhcpsnoopinginfonnationoptioniparpinspectionvlan1iparpinspectionvalidatesrc^macdst-macipinterfacefO/1//接Rl,这是trusted接口switchportmodeaccessipdhcpsnoopingtrus

8、tiparpinspectiontrustSW2:ipdhcpsnoopingipdhcpsnoopingvlan1noipdhcpsnoopinginformationoptioniparpinspectionvlan1iparpinspectionvalidatesrc-macdst-macipinterfacerangefO/13-14//上连接口switchporttrunkencapdotlqswitchportmodetrunkipdhcpsnoopingtrustiparpinsp

当前文档最多预览五页,下载文档查看全文

此文档下载收益归作者所有

当前文档最多预览五页,下载文档查看全文
温馨提示:
1. 部分包含数学公式或PPT动画的文件,查看预览时可能会显示错乱或异常,文件下载后无此问题,请放心下载。
2. 本文档由用户上传,版权归属用户,天天文库负责整理代发布。如果您对本文档版权有争议请及时联系客服。
3. 下载前请仔细阅读文档内容,确认文档内容符合您的需求后进行下载,若出现内容与标题不符可向本站投诉处理。
4. 下载文档时可能由于网络波动等原因无法下载或下载错误,付费完成后未能成功下载的用户请联系客服处理。