In enterprise switch networks which is usually structured with access ,distribution and core i find that sometimes access /distribution layer gets spoofed with gateway mac address . At these layers since ip address configuration of devices connected to ports usually are spread across static or dhcp ip address . Since source guard relies on dhcp snooping binding database having it is not scalable for devices with static ip devices connected to switchports .
Typical setup is like
pc---torswitch--distswitch--corertrwithgw |--- roguegwspoofing device
the rogue-spoofing device redirects the gw traffic by spoofing the mac address of gateway ,there by causing loss of ip traffic . Ipsource guard is not scalable here as it is multistack switch it is not feasible to add manually ip source entries . Is there any suggested method to prevent spoofing