Description:
Network intruders may spoof IP packets by modifying the packet headers in
order to fool recipients into believing that the transmissions originate from a
trusted source. Consequently, various defence mechanisms have been developed to
identify and prevent IP spoofing attacks. However, most of them were implemented
at either the host or the router level, which consumes a lot of shared network
resources during an attack. In contrast, this paper proposes an
algorithm for validating source IP addresses by using Layer Three Switches (L3S) in a
Local Area Network (LAN), which means that IP spoofing attacks will be
identified and prevented without utilizing shared network resources. The study
employed the Mininet network emulator, a POX controller, L3S, a packet analyzer, and a
packet constructor to design and develop the algorithm. Results have shown that the
algorithm was capable of detecting and preventing IP spoofed packets on the LAN
before the L3S forwarded them to a target, and eventually an attacker was identified by
using his/her MAC address.
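
The following is an added illustration of switch-level source validation, not the paper's algorithm, which this description does not spell out. It assumes a per-port binding table of (MAC, IP) pairs; the names `SourceValidator`, `Packet`, `run_demo` and all addresses are hypothetical, constructed values.

```python
import ipaddress
from dataclasses import dataclass, field

@dataclass(frozen=True)
class Packet:
    in_port: int   # switch port the frame arrived on
    src_mac: str
    src_ip: str

@dataclass
class SourceValidator:
    bindings: dict = field(default_factory=dict)   # in_port -> (mac, ip)
    offenders: dict = field(default_factory=dict)  # mac -> claimed source IPs

    def bind(self, port, mac, ip):
        self.bindings[port] = (mac.lower(), ipaddress.ip_address(ip))

    def check(self, pkt):
        """Return 'forward' or 'drop' before any forwarding decision is made."""
        bound = self.bindings.get(pkt.in_port)
        try:
            claimed = (pkt.src_mac.lower(), ipaddress.ip_address(pkt.src_ip))
        except ValueError:
            claimed = None  # malformed source address never matches
        if bound is not None and claimed == bound:
            return "forward"
        # Attribute the drop to the MAC bound to the ingress port, so a forged
        # source MAC does not hide the sender; fall back to the frame's MAC.
        culprit = bound[0] if bound else pkt.src_mac.lower()
        self.offenders.setdefault(culprit, []).append(pkt.src_ip)
        return "drop"

def run_demo():
    v = SourceValidator()
    for port in (1, 2, 3):  # constructed hosts h1..h3
        v.bind(port, f"00:00:00:00:00:0{port}", f"10.0.0.{port}")
    packets = [  # constructed sample traffic
        Packet(1, "00:00:00:00:00:01", "10.0.0.1"),     # legitimate
        Packet(2, "00:00:00:00:00:02", "10.0.0.1"),     # h2 claims h1's IP
        Packet(2, "00:00:00:00:00:02", "192.168.5.9"),  # off-LAN source
        Packet(2, "00:00:00:00:00:01", "10.0.0.1"),     # forged MAC and IP
        Packet(3, "00:00:00:00:00:03", "10.0.0.3"),     # legitimate
    ]
    return [v.check(p) for p in packets], v.offenders

if __name__ == "__main__":
    print(run_demo())
```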