| Srikanth Vavilapalli | 1725e49 | 2014-12-01 17:50:52 -0800 | [diff] [blame^] | 1 | The security command within the host submode is used to |
| 2 | bind ip address and attachment points for the hosts |
| 3 | identified by the submode. |
| 4 | |
| 5 | What a host is presented to the controller, the attachment |
| 6 | point of the host is also identified. When the security |
| 7 | command is used to constrain the attachment point, the |
| 8 | controller can use the configured details to choose whether |
| 9 | it will allow the host to join the network. |
| 10 | |
| 11 | When an ip address is bound to the host, no other host |
| 12 | may use the indicated ip address. This is implemented |
| 13 | by snooping arp's and the dhcp protocol. It is still |
| 14 | possible for the host to send frames with spoofed |
| 15 | src ip address, but the destination will not be able |
| 16 | to reply to these frames. |