34-10
Software Configuration Guide—Release 12.2(25)EW
OL-6696-01
Chapter 34 Understanding and Configuring Dynamic ARP Inspection
Configuring Dynamic ARP Inspection
Vlan ACL Logging DHCP Logging
---- ----------- ------------
1 Deny Deny
S1#
Step 3 Establish the interface fa6/3 as untrusted, and verify the configuration:
S1# conf t
Enter configuration commands, one per line. End with CNTL/Z.
S1(config)# in fa6/3
S1(config-if)# no ip arp inspection trust
S1(config-if)# end
Switch# show ip arp inspection interfaces fastEthernet 6/3
Interface Trust State Rate (pps)
--------------- ----------- ----------
Fa6/3 Untrusted 15
Switch#
When H2 sends 5 ARP requests through interface fa6/3 on S1 and a “get” is permitted by S1, the
statistics are updated appropriately:
Switch# show ip arp inspection statistics vlan 1
Vlan Forwarded Dropped DHCP Drops ACL Drops
---- --------- ------- ---------- ----------
1 5 0 0 0
Vlan DHCP Permits ACL Permits Source MAC Failures
---- ------------ ----------- -------------------
1 0 5 0
Vlan Dest MAC Failures IP Validation Failures
---- ----------------- ----------------------
1 0 0
Switch#
To Next Page
Loading...
