dynamic-arp-inspection
To validate Address Resolution Protocol (ARP) packets in a network, use the dynamic-arp-inspection
command in the l2vpn bridge group bridge domain configuration mode. To disable dynamic ARP inspection,
use the no form of this command.
dynamic-arp-inspection {logging| address-validation {src-mac| dst-mac| ipv4}}
no dynamic-arp-inspection {logging| address-validation {src-mac| dst-mac| ipv4}}
Syntax Description
(Optional) Enables logging.
When you use the logging option, the log messages indicate the interface
on which the violation has occured along with the IP or MAC source of
the violation traffic. The log messages are rate limited at 1 message per
10 seconds.
Note
Not all the violation events are recorded in the
syslog.
Caution
logging
(Optional) Performs address-validation.address-validation
Source MAC address in the Ethernet header.
src-mac
Destination MAC address in the Ethernet header.
dst-mac
IP addresses in the ARP body.
ipv4
Command Default
Dynamic ARP inspection is disabled.
Command Modes
l2vpn bridge group bridge domain configuration
Command History
ModificationRelease
This command was introduced.Release 4.0.1
Usage Guidelines
To use this command, you must be in a user group associated with a task group that includes appropriate task
IDs. If the user group assignment is preventing you from using a command, contact your AAA administrator
for assistance.
Task ID
OperationsTask ID
read, writel2vpn
Cisco ASR 9000 Series Aggregation Services Router VPN and Ethernet Services Command Reference, Release
6.1.x
77
Point to Point Layer 2 Services Commands
dynamic-arp-inspection
To Next Page
Loading...
Need help?
General
