Inventor(s)

Anonymous

Abstract

The present disclosure relates to reliable and fast deployment of Layer 2 (L2) security features including Internet Protocol (IP) Source Guard, Dynamic Address Resolution Protocol (ARP) Inspection, and Dynamic Neighbor Discovery Protocol (NDP) inspection with Dynamic Host Configuration Protocol (DHCP) snooping. The proposed approach dynamically detects a missing DHCP snooping binding entry and builds that using standard ARP and DHCP LEASEQUERY requests, avoiding manual intervention. It also minimizes traffic loss when DHCP snooping binding entry is missing due to failure conditions. The dynamically building the DHCP snooping binding table entry is performed without the need to wait for clients/hosts to renew IP address via DHCP. Proposed mechanism which allows operator to deploy/enable L2 security features DHCP snooping, IP Source Guard (IPSG), Dynamic ARP inspection (DAI), Dynamic NDP inspection (DNI) faster, reliably, and also minimizes traffic outage for valid hosts.

Creative Commons License

Creative Commons License
This work is licensed under a Creative Commons Attribution 4.0 License.

Share

COinS