XII. Firewall/Security Features
ExpiredVigorSwitch - IP Conflict Prevention
DrayTek VigorSwitches running 2.4.0 or later firmware offer advanced IP Conflict Prevention (ICP) feature that can help with the network stability. Time consuming detection of the source of IP conflicts may cause many issues related to distracted connectivity especially on large networks. The new feature helps the administrator to find out the conflicting port and IP and take immediate action.
This article introduces ICP and demonstrates how to use it on VigorSwitches.
Applicable Products
| DrayTek VigorSwitch |
|---|
| DrayTek VigorSwitch G1280 |
| DrayTek VigorSwitch G2280 |
| DrayTek VigorSwitch G2280x |
| DrayTek VigorSwitch G2500 |
| DrayTek VigorSwitch P1280 |
| DrayTek VigorSwitch P2121 |
| DrayTek VigorSwitch P2280 |
| DrayTek VigorSwitch P2280x |
| DrayTek VigorSwitch P2500 |
ICP on Multiple Switches
ICP takes the advantages when there are multiple switches on the network, even if not all of them support ICP. The edge switch can be other brands that you already have, and ICP would still work partially.
For example:
PC4 conflicts with PC1: PC4 cannot go through the core switch, but PC4 still can access other hosts within the edge switch.
PC2 conflicts with PC1: PC2 will be locked. It's because PC1 is configured to have the higher priority of using the IP.
Conflict Warning
When IP conflict happens, ICP shows the conflict status on the GUI as depicted below. The network administrator can immedately locate the conflicting port and IP address used by the end device.
How to Set up ICP?
Quick Start Wizard is an easy and convinient way to configure ICP feature.
1. In the Quick Start Wizard, first select a port where your DHCP server is connected to.
2. VigorSwitch will conduct a preliminary detection of the environment and show the port type. If the port is incorrect, click on it to update. The table below lists all port types available for configuration:
| DHCP server | Tells the Switch which port the DHCP Offer will come from so that it can block illegal DHCP Offers |
| DHCP Client | The Switch automatically learns the DHCP offer/ack of each port, and dynamically adds/removes the IP into the table |
| Static Binding | Use this if a device is configured with a static IP. The switch memorizes the “static IP/port" combination and protects LAN clients on the list |
| Multiple Hosts | For connecting to an AP or a switch. All IPs linked with the port will be protected. If there's a conflict on this port, conflict status will be shown |
| LAG | Accepts multiple ports using the same IP address without looping and conflicting |
| Multiple Hosts with DHCP Server | Accepts several IP addresses linked with a single port; these IP addresses include DHCP Clients and Static IP Clients. A host registered as a DHCP Server is allowed and gains protection |
3. The switch will detect your network and shows the Protected Hosts Table. Double check this list and update if needed.
4. In this step select Enable to start the ICP
NOTE:
1. If there are many switches on the network, it is recommended to set the port type first (1-3 step on Wizard), then enable ICP on each layer.
2. VigorSwitch can send the email message to notify the network administrator about the port conflicts. Just go to [Mail Alert] section to enable the notification feature
3. When IP Conflict Prevention is processing, IP conflict detection cannot be enabled.
- First Published: 16/11/2020
- Last Updated: 27/04/2021