An entry in the IP source binding table contains the IP address and the associated MAC and VLAN numbers. It builds and maintains an IP source binding table that is learned by DHCP snooping or manually configured (static IP source bindings). The IP Source Guard feature is enabled in combination with the DHCP snooping feature on untrusted Layer 2 interfaces.
Any IP traffic coming into the interface with a source IP address other than that assigned (via DHCP or static configuration) will be filtered out on the untrusted Layer 2 ports.
This feature helps prevent IP spoofing attacks when a host tries to spoof and use the IP address of another host. IP Source Guard is a security feature that restricts IP traffic on untrusted Layer 2 ports by filtering traffic based on the DHCP snooping binding database or manually configured IP source bindings.