
VOSS Duplicate Ip address


Francisco_Aguil
New Contributor
I need some VSPs that are in a vIST scheme to be able to detect duplicate IPs for a VLAN for which they are the gateway with RSMLT. We did a test with spoof-detect; however, it only works when an endpoint has the same IP as RSMLT or VRRP.

TQU
Contributor
Hi Francisco, 

Your config looks good; there is not a lot of config to enable spoof-detect.
Maybe you should try to upgrade to a newer release.
There are some corrections (issue found with VRRPv3) and changes (log enhancements) in higher releases.
Warning: if you go higher than 8.2, remote management access is modified; check the RN.

regards, 
Théo

Francisco_Aguil
New Contributor
Hi TQU,
Your observation is correct: I want to be able to detect duplicate IPs within service VLANs (data, telephony, etc.).
On the other hand, I'm telling you that I have spoof-detect enabled; however, I can't see logs of duplicate IP addresses.
I attach the scripts of the equipment that I have in the laboratory, since I do not have access to the real equipment in production.

VSP-1:1(config)#
VSP-1:1(config)#show running-config
Preparing to Display Configuration...
************************************************************************************
Command Execution Time: Wed Jun 20 02:25:57 1973 UTC
************************************************************************************
#
# Wed Jun 20 02:25:57 1973 UTC
# box type : VSP-4450GSX-PWR+
# software version : 8.0.5.1
# cli mode : ECLI
#

#Card Info :

# Slot 1 :
# CardType : 4450GSX-PWR+
# CardDescription : 4450GSX-PWR+
# CardSerial# : 19JP0800E5HR
# CardPart# : EC4400A05-E6
# CardAssemblyDate : 20190223
# CardHWRevision : 11
# CardHWConfig : none
# OperStatus : up
#
#!end
#
config terminal
#
# BOOT CONFIGURATION
#
boot config flags sshd
#boot config sio console baud 9600 1
# end boot flags
#
# SPBM CONFIGURATION
#
spbm
spbm ethertype 0x8100
#
# CLI CONFIGURATION
#
prompt "VSP-1"
password password-history 3
#
# SYSTEM CONFIGURATION
#
syslog host 1
syslog host 1 address 192.168.135.200
syslog host 1 enable
#
# LOG CONFIGURATION
#
logging level 1
#
# LINK-FLAP-DETECT CONFIGURATION
#
#
# IEEE VLAN AGING CONFIGURATION
#
#
# ACCESS-POLICY CONFIGURATION
#
#
# SSH CONFIGURATION
#
ssh
#
# MCAST SOFTWARE FORWARDING CONFIGURATION
#
#
# SNMP V3 GLOBAL CONFIGURATION
#
snmp-server sender-ip 192.168.135.200 192.168.135.120
#
# SNMP V3 GROUP MEMBERSHIP CONFIGURATION
#
snmp-server user admin-ncg group "PISO21"
#
# SNMP V3 NOTIFY FILTER CONFIGURATION
#
#
# SNMP V3 MIB VIEW CONFIGURATION
#
snmp-server view "ALL" 1
#
# SNMP V3 GROUP CONFIGURATION
#
snmp-server group "PISO21" "" auth-priv read-view ALL write-view ALL notify-view ALL
#
# SNMP V3 TARGET ADDRESS CONFIGURATION
#
snmp-server host 192.168.135.200 v3 authPriv admin-ncg
#
# DDI CONFIGURATION
#
#
# SLOT CONFIGURATION
#
#
# MAC AGING CONFIGURATION
#
#
# SMTP CONFIGURATION
#
#
# WEB CONFIGURATION
#
#
# GLOBAL FDB FILTER CONFIGURATION
#
#
# QOS CONFIGURATION - PHASE I
#
#
# LACP CONFIGURATION
#
lacp enable
#
# VRF CONFIGURATION
#
#
# MAINTENANCE-DOMAIN CONFIGURATION
#
#
# MAINTENANCE-ASSOCIATION CONFIGURATION
#
#
# MAINTENANCE-ENDPOINT CONFIGURATION
#
#
# POE GLOBAL CONFIGURATION
#
#
# PORT CONFIGURATION - PHASE I
#
interface GigabitEthernet 1/1
spoof-detect enable
exit
interface GigabitEthernet 1/2
spoof-detect enable
exit
interface GigabitEthernet 1/3
encapsulation dot1q
spoof-detect enable
exit
#
# ISIS SPBM CONFIGURATION
#
router isis
spbm 1
spbm 1 nick-name 1.00.01
spbm 1 b-vid 4051-4052 primary 4051
spbm 1 smlt-virtual-bmac 00:bb:08:01:01:00
spbm 1 smlt-peer-system-id 00bb.0802.0000
exit
#
# SPB-PIM-GW CONFIGURATION
#
#
# MLT CONFIGURATION
#
mlt 1 enable
mlt 512 enable name "MLT-vIST"
mlt 512 member 1/1-1/2
mlt 512 encapsulation dot1q
#
# IP PREFIX LIST CONFIGURATION - GlobalRouter
#
#
# IP PREFIX LIST CONFIGURATION - VRF
#
#
# IPv6 PREFIX LIST CONFIGURATION - GlobalRouter
#
#
# IPv6 PREFIX LIST CONFIGURATION - VRF
#
#
# RMON CONFIGURATION
#
#
# DVR CONFIGURATION
#
#
# VLAN CONFIGURATION
#
vlan members remove 1 1/1-1/3
vlan create 135 name "Piso21" type port-mstprstp 0
vlan members 135 1/3 portmember
vlan i-sid 135 2135
interface Vlan 135
ip address 192.168.135.120 255.255.255.0 1
exit
vlan create 2000 name "IPS" type port-mstprstp 0
vlan members 2000 1/3 portmember
vlan i-sid 2000 22000
interface Vlan 2000
ip address 10.10.10.1 255.255.255.0 2
ip rsmlt
exit
vlan create 4049 name "Cluster-VSP" type port-mstprstp 0
vlan i-sid 4049 2004049
interface Vlan 4049
ip address 192.168.1.1 255.255.255.252 0
exit
vlan create 4051 name "BBV4051" type spbm-bvlan
vlan create 4052 name "BBV4052" type spbm-bvlan
#
# MSTP CONFIGURATION
#
#
# NLS CONFIGURATION
#
#
# FHS CONFIGURATION
#
#
# MAC ACL CONFIGURATION
#
#
# IPv6 FHS ACL CONFIGURATION
#
#
# RA-GUARD CONFIGURATION
#
#
# DHCP-GUARD CONFIGURATION
#
#
# FHS SNOOPING CONFIGURATION
#
#
# SFLOW CONFIGURATION
#
#
# DHCP SNOOPING CONFIGURATION
#
#
# DHCP SNOOPING BINDING CONFIGURATION
#
#
# VIRTUAL IST CONFIGURATION
#
virtual-ist peer-ip 192.168.1.2 vlan 4049
#
# MLT INTERFACE CONFIGURATION
#
interface mlt 1
smlt
lacp enable key 1
exit
interface mlt 512
isis
isis spbm 1
isis enable
exit
#
# PORT CONFIGURATION - PHASE II
#
interface GigabitEthernet 1/1
default-vlan-id 0
no shutdown
no spanning-tree mstp force-port-state enable
no spanning-tree mstp msti 62 force-port-state enable
exit
interface GigabitEthernet 1/2
default-vlan-id 0
no shutdown
no spanning-tree mstp force-port-state enable
no spanning-tree mstp msti 62 force-port-state enable
exit
interface GigabitEthernet 1/3
default-vlan-id 135
no shutdown
lacp key 1 aggregation enable timeout-time short
lacp enable
no spanning-tree mstp force-port-state enable
exit
#
# LINK-STATE TRACKING
#
#
# IP CONFIGURATION
#
#
# IP AS LIST CONFIGURATION - GlobalRouter
#
#
# IP COMMUNITY LIST CONFIGURATION - GlobalRouter
#
#
# IP EXTENDED COMMUNITY LIST CONFIGURATION - GlobalRouter
#
#
# IP ROUTE MAP CONFIGURATION - GlobalRouter
#
#
# IP CONFIGURATION - GlobalRouter
#
ip route 0.0.0.0 0.0.0.0 192.168.135.1 weight 1
#
# CIRCUITLESS IP INTERFACE CONFIGURATION - GlobalRouter
#
#
# TOPOLOGY-CLIP-IP
#
#
# MSDP CONFIGURATION - GlobalRouter
#
#
# CIRCUITLESS IPV6 INTERFACE CONFIGURATION - GlobalRouter
#
#
# VRRP CONFIGURATION - GlobalRouter
#
#
# UDP FORWARDING CONFIGURATION - GlobalRouter
#
#
# UDP FORWARDING CONFIGURATION - VRF
#
#
# UDP FORWARDING PORT CONFIGURATION
#
#
# UDP FORWARDING VLAN CONFIGURATION
#
#
# DHCP CONFIGURATION - GlobalRouter
#
#
# RIP CONFIGURATION - GlobalRouter
#
#
# RIP VLAN CONFIGURATION
#
#
# IGMP CONFIGURATION - GlobalRouter
#
#
# MCAST RESOURCE USAGE CONFIGURATION - GlobalRouter
#
#
# TIMED PRUNE CONFIGURATION - GlobalRouter
#
#
# RSMLT CONFIGURATION
#
ip rsmlt peer-address 10.10.10.2 d4:78:56:f7:90:82 2000
ip rsmlt edge-support
#
# IPV6 CONFIGURATION - GlobalRouter
#
#
# MLD CONFIGURATION - GlobalRouter
#
#
# ISIS CONFIGURATION
#
router isis
sys-name "VSP1-DGB-BIB"
is-type l1
system-id 00bb.0801.0000
manual-area 49.0001
exit
router isis enable
#
# LOGICAL ISIS CONFIGURATION
#
#
# VTEP CONFIGURATION
#
#
# REMOTE VTEP CONFIGURATIONS
#
#
# VLAN NODAL MEP/MIP CONFIGURATION
#
#
# QOS CONFIGURATION - PHASE II
#
qos queue-profile 1 member add 1/1-1/50
#
# CFM CONFIGURATION - PHASE II
#
#
# DIAG CONFIGURATION
#
#
# NTP CONFIGURATION
#
no ntp
#
# ES CONFIGURATION
#
#
# OSPF CONFIGURATION - GlobalRouter
#
router ospf
exit
#
# OSPF CONFIGURATION - VRF
#
#
# OSPF ACCEPT CONFIGURATION - GlobalRouter
#
#
# OSPF ACCEPT CONFIGURATION - VRF
#
#
# BGP CONFIGURATION - GlobalRouter
#
#
# BGP CONFIGURATION - VRF
#
#
# ISIS SPBM IPVPN CONFIGURATION
#
# IP ISID LIST CONFIGURATION - GlobalRouter
#
#
# IP ISID LIST CONFIGURATION - VRF
#
#
# ISIS ACCEPT CONFIGURATION - GlobalRouter
#
#
# ISIS ACCEPT CONFIGURATION - VRF
#
#
# ISIS IPv6 ACCEPT CONFIGURATION - GlobalRouter
#
#
# ISIS IPv6 ACCEPT CONFIGURATION - VRF
#
#
# IP REDISTRIBUTION CONFIGURATION - GlobalRouter
#
#
# IP REDISTRIBUTION CONFIGURATION - VRF
#
#
# OSPF VLAN CONFIGURATION
#
#
# OSPF PORT CONFIGURATION
#
#
# OSPF LOOPBACK CONFIGURATION
#
#
# RIP PORT CONFIGURATION
#
#
# IPVPN CONFIGURATION
#
#
# SLPP CONFIGURATION
#
#
# FILTER CONFIGURATION
#
#
# APPLICATION TELEMETRY CONFIGURATION
#
#
# IPV6 TUNNEL CONFIGURATION
#
#
# IPV6 OSPFV3 CONFIGURATION - GlobalRouter
#
#
# IPV6 RIPng CONFIGURATION
#
router rip
exit
#
# IPV6 STATIC ROUTE CONFIGURATION - GlobalRouter
#
#
# IPV6 OSPF VLAN CONFIGURATION
#
#
# IPV6 OSPF PORT CONFIGURATION
#
#
# IPV6 RIP VLAN CONFIGURATION
#
#
# IPV6 RIP PORT CONFIGURATION
#
#
# IPV6 VRRP VLAN CONFIGURATION
#
#
# IPV6 VRRP PORT CONFIGURATION
#
#
# IPV6 NEIGHBOR CONFIGURATION - GlobalRouter
#
#
# IPV6 DHCP CONFIGURATION - GlobalRouter
#
#
# IPV6 DHCP CONFIGURATION - VRF
#
#
# I-SID CONFIGURATION
#
#
# VNID CONFIGURATION
#
#
# RADIUS CONFIGURATION
#
#
# TACACS CONFIGURATION
#
#
# LLDP CONFIGURATION
#
#
# EAP CONFIGURATION
#
#
# MACSEC CONFIGURATION
#
#
# FABRIC ATTACH CONFIGURATION
#
#
# SPB-PIM-GW CONFIGURATION
#
#
# SOFTWARE CONFIGURATION
#
#
# APPLICATION CONFIGURATION
#
#
# APPLICATION CONFIGURATION
#
#
# IPSEC CONFIGURATION
#
#
# IPSEC POLICY TABLE CONFIGURATION
#
#
# IPSEC SA TABLE CONFIGURATION
#
#
# IPSEC SA POLICY LINK TABLE CONFIGURATION
#
#
# IPV6 OSPFV3 IPSEC CONFIGURATION
#
#
# IPV6 IPSEC INTERFACE CONFIGURATION
#
#
# IP IPSEC INTERFACE CONFIGURATION
#
#
# IKE CONFIGURATION
#
#
# IP REDISTRIBUTE APPLY CONFIGURATIONS
#
#
#
# IP ECMP APPLY CONFIGURATIONS
end
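
An added example, not part of the thread and not Extreme tooling: a Python check that reads a running-config in the syntax posted above and lists, for each VLAN that has an IP interface, the member ports where `spoof-detect enable` is missing. The sample config is constructed from the commands shown in the post, the function names are hypothetical, and port ranges are assumed to stay within one slot.

```python
import re

# Constructed excerpt reusing the command syntax of the posted config.
SAMPLE_CONFIG = """\
interface GigabitEthernet 1/3
spoof-detect enable
exit
vlan members 135 1/3-1/5 portmember
interface Vlan 135
ip address 192.168.135.120 255.255.255.0 1
exit
vlan members 2000 1/3 portmember
interface Vlan 2000
ip address 10.10.10.1 255.255.255.0 2
exit
interface GigabitEthernet 1/3
default-vlan-id 135
exit
"""

def expand_ports(spec):
    """Expand '1/3-1/5,1/8' into ['1/3', '1/4', '1/5', '1/8'] (same-slot ranges)."""
    ports = []
    for part in spec.split(","):
        first, _, last = part.partition("-")
        slot, start = first.split("/")
        end = last.split("/")[1] if last else start
        ports += [f"{slot}/{n}" for n in range(int(start), int(end) + 1)]
    return ports

def audit_spoof_detect(config):
    """Return {vlan_id: [member ports lacking spoof-detect]} for VLANs with an IP."""
    spoof_on, members, routed = set(), {}, set()
    context = None  # ("port", [ports]) or ("vlan", id) while inside a block
    for line in (raw.strip() for raw in config.splitlines()):
        if m := re.match(r"interface GigabitEthernet (\S+)$", line):
            context = ("port", expand_ports(m.group(1)))
        elif m := re.match(r"interface Vlan (\d+)$", line):
            context = ("vlan", int(m.group(1)))
        elif line == "exit":
            context = None
        elif m := re.match(r"vlan members (\d+) (\S+) portmember$", line):
            members.setdefault(int(m.group(1)), []).extend(expand_ports(m.group(2)))
        elif context and context[0] == "port" and line == "spoof-detect enable":
            spoof_on.update(context[1])  # the same port appears in Phase I and II blocks
        elif context and context[0] == "vlan" and line.startswith("ip address "):
            routed.add(context[1])
    return {v: [p for p in members.get(v, []) if p not in spoof_on]
            for v in sorted(routed)}
```

Calling `audit_spoof_detect(SAMPLE_CONFIG)` reports ports 1/4 and 1/5 for VLAN 135 and no gaps for VLAN 2000.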

TQU
Contributor
Hi Francisco, 
To be sure I understand: you want to detect duplicate IPs on VLANs, not only duplicates with the VSP's IP, right?
Spoof-detect should work with two endpoints too.
I use it on our network devices (VSP7200, 7400, 8400) and it works fine.
I got logs about a blocked IP yesterday; it was two endpoints (PCs) with the same IP.

What's your VSP device and software release?
Can you share your configuration and the test you have done?

Regards, 
Théo 



 