EasyManuals Logo

Cisco 4500M User Manual

Cisco 4500M
608 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #478 background imageLoading...
Page #478 background image
34-6
Software Configuration Guide—Release 12.2(25)EW
OL-6696-01
Chapter 34 Understanding and Configuring Dynamic ARP Inspection
Configuring Dynamic ARP Inspection
Step 3 Configure interface fa6/3 as trusted:
S1# conf t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)# in fa6/3
S1(config-if)# ip arp inspection trust
S1(config-if)# end
S1# show ip arp inspection interfaces fastEthernet 6/3
Interface Trust State Rate (pps)
--------------- ----------- ----------
Fa6/3 Trusted None
S1#
Step 4 Verify the bindings:
S1# show ip dhcp snooping binding
MacAddress IpAddress Lease(sec) Type VLAN Interface
------------------ --------------- ---------- ------------- ---- --------------------
00:02:00:02:00:02 1.1.1.2 4993 dhcp-snooping 1 FastEthernet6/4
S1#
Step 5 Check the statistics before and after Dynamic ARP processes any packets:
S1# show ip arp inspection statistics vlan 1
Vlan Forwarded Dropped DHCP Drops ACL Drops
---- --------- ------- ---------- ----------
1 0 0 0 0
Vlan DHCP Permits ACL Permits Source MAC Failures
---- ------------ ----------- -------------------
1 0 0 0
Vlan Dest MAC Failures IP Validation Failures
---- ----------------- ----------------------
1 0 0
S1#
If H1 then sends out two ARP requests with an IP address of 1.1.1.2 and a MAC address of
0002.0002.0002, both requests are permitted, as reflected in the following statistics:
S1# show ip arp inspection statistics vlan 1
Vlan Forwarded Dropped DHCP Drops ACL Drops
---- --------- ------- ---------- ----------
1 2 0 0 0
Vlan DHCP Permits ACL Permits Source MAC Failures
---- ------------ ----------- -------------------
1 2 0 0
Vlan Dest MAC Failures IP Validation Failures
---- ----------------- ----------------------
1 0 0
S1#
If H1 then tries to send an ARP request with an IP address of 1.1.1.3, the packet is dropped and an error
message is logged:
00:12:08: %SW_DAI-4-DHCP_SNOOPING_DENY: 2 Invalid ARPs (Req) on Fa6/4, vlan
1.([0002.0002.0002/1.1.1.3/0000.0000.0000/0.0.0.0/02:42:35 UTC Tue Jul 10 2001])
S1# show ip arp inspection statistics vlan 1
S1#

Table of Contents

Other manuals for Cisco 4500M

Preview: Command Reference
Command Reference578 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco 4500M and is the answer not in the manual?

Cisco 4500M Specifications

General IconGeneral
BrandCisco
Model4500M
CategoryNetwork Router
LanguageEnglish

Related product manuals