EasyManua.ls Logo

Cisco Catalyst 3550

Cisco Catalyst 3550
794 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Loading...
2-147
Catalyst 3550 Multilayer Switch Command Reference
OL-8566-02
Chapter 2 Catalyst 3550 Switch Cisco IOS Commands
ip arp inspection vlan logging
The acl-match and dhcp-bindings keywords merge with each other; that is, when you configure an ACL
match, the DHCP bindings configuration is not disabled. Use the no form of the command to reset the
logging criteria to their defaults. If neither option is specified, all types of logging are reset to log when
Address Resolution Protocol (ARP) packets are denied. These are the options:
acl-match—Logging on ACL matches is reset to log on deny.
dhcp-bindings—Logging on DHCP binding matches is reset to log on deny.
If neither the acl-match or the dhcp-bindings keywords are specified, all denied packets are logged.
The implicit deny at the end of an ACL does not include the log keyword. This means that when you use
the static keyword in the ip arp inspection filter vlan global configuration command, the ACL
overrides the DHCP bindings. Some denied packets might not be logged unless you explicitly specify
the deny ip any mac any log ACE at the end of the ARP ACL.
Examples This example shows how to configure ARP inspection on VLAN 1 to log packets that match the permit
commands in the ACL:
Switch(config)# arp access-list test1
Switch(config-arp-nacl)# permit request ip any mac any log
Switch(config-arp-nacl)# permit response ip any any mac any any log
Switch(config-arp-nacl)# exit
Switch(config)# ip arp inspection vlan 1 logging acl-match matchlog
You can verify your settings by entering the show ip arp inspection vlan vlan-range privileged EXEC
command.
Related Commands Command Description
arp access-list Defines an ARP ACL.
clear ip arp inspection log Clears the dynamic ARP inspection log buffer.
ip arp inspection log-buffer Configures the dynamic ARP inspection logging buffer.
show ip arp inspection log Displays the configuration and contents of the dynamic ARP
inspection log buffer.
show ip arp inspection vlan
vlan-range
Displays the configuration and the operating state of dynamic ARP
inspection for the specified VLAN.

Table of Contents

Other manuals for Cisco Catalyst 3550

Related product manuals