3.10.15 IP/IPv6 Source Guard and Port Mode Configuration

Use this command to enable or disable the Global IP/IPv6 Source Guard. All configured ACEs are lost when the mode is enabled. Translate all dynamic entries to static. Specify IP/IPv6 Source Guard is enabled on which ports and specify the maximum number of dynamic clients that can be learned on a given port.

Command Syntax:

ip verify source 
ipv6 verify source 
ip verify source translate 
ipv6 verify source translate 
ip verify source limit <cnt_var>
ipv6 verify source limit <max_dynamic_clients>

Table 3-57. Command Description
	Argument	Description
Parameter	`<cnt_var>`	Maximum number of dynamic clients that can be learned on given port. This value can be 0, 1, 2, or unlimited (for unlimited, use the ‘no’ version of the command).
	`<max_dynamic_clients>`	Maximum number of dynamic clients that can be learned on given port. This value can be 0, 1, 2, or unlimited (for unlimited use the ‘no’ version of the command).
Default	N.A
Mode	Global Configuration mode and Port List Interface mode
Usage	Enable IP Source Guard. To disable IP Source Guard, use the ‘no’ version of the command..
Example	Example 1: Enable IP Source Guard. `(config)# ip verify source` Example 2: Enable IPv6 Source Guard on port 1 and set the max number of Dynamic Clients to 2. `(config)# interface GigabitEthernet 1/1 (config-if)# ipv6 verify source (config-if)# ipv6 verify source limit 2`