Name: Cisco Catalyst 3560-X
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

1-5

Catalyst 3750-X and 3560-X Switch Software Configuration Guide

OL-25303-03

Chapter 1 Configuring Dynamic ARP Inspection

Configuring Dynamic ARP Inspection

Logging of Dropped Packets

When the switch drops a packet, it places an entry in the log buffer and then generates system messages

on a rate-controlled basis. After the message is generated, the switch clears the entry from the log buffer.

Each log entry contains flow information, such as the receiving VLAN, the port number, the source and

destination IP addresses, and the source and destination MAC addresses.

You use the ip arp inspection log-buffer global configuration command to configure the number of

entries in the buffer and the number of entries needed in the specified interval to generate system

messages. You specify the type of packets that are logged by using the ip arp inspection vlan logging

global configuration command. For configuration information, see the “Configuring the Log Buffer”

section on page 1-13.

Configuring Dynamic ARP Inspection

• Default Dynamic ARP Inspection Configuration, page 1-5

• Dynamic ARP Inspection Configuration Guidelines, page 1-6

• Configuring Dynamic ARP Inspection in DHCP Environments, page 1-7 (required in DHCP

environments)

• Configuring ARP ACLs for Non-DHCP Environments, page 1-9 (required in non-DHCP

environments)

• Limiting the Rate of Incoming ARP Packets, page 1-10 (optional)

• Performing Validation Checks, page 1-12 (optional)

• Configuring the Log Buffer, page 1-13 (optional)

Default Dynamic ARP Inspection Configuration

Table 1-1 Default Dynamic ARP Inspection Configuration

Feature Default Setting

Dynamic ARP inspection Disabled on all VLANs.

Interface trust state All interfaces are untrusted.

Rate limit of incoming ARP packets The rate is 15 pps on untrusted interfaces, assuming that the

network is a switched network with a host connecting to as many

as 15 new hosts per second.

The rate is unlimited on all trusted interfaces.

The burst interval is 1 second.

ARP ACLs for non-DHCP

environments

No ARP ACLs are defined.

Validation checks No checks are performed.

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 3560-X and is the answer not in the manual?

Cisco Catalyst 3560-X Specifications

General

Enclosure Type	Rack-mountable - 1U
Subtype	Gigabit Ethernet
Ports	48 x 10/100/1000 + 4 x SFP
Flash Memory	64 MB
Power Device	Internal power supply
Voltage Required	AC 120/230 V (50/60 Hz)
Operating System	Cisco IOS
Device Type	Switch
Performance	Switching capacity: 128 Gbps
Jumbo Frame Support	Yes
Routing Protocol	RIP-1, RIP-2, EIGRP
Remote Management Protocol	SNMP 1, RMON 1, RMON 2, RMON 3, RMON 9, Telnet, SNMP 3, HTTP, HTTPS
Features	DHCP support, VLAN support, QoS, IPv6 support, Syslog
Compliant Standards	IEEE 802.3, IEEE 802.3u, IEEE 802.3z, IEEE 802.1D, IEEE 802.1Q, IEEE 802.3ab, IEEE 802.1p, IEEE 802.3af, IEEE 802.3x, IEEE 802.3ad, IEEE 802.1w, IEEE 802.1x, IEEE 802.1s, IEEE 802.3ah, IEEE 802.1ag, IEEE 802.3at
Stacking	Stackable
Security Features	SSH, RADIUS, TACACS+
Management	CLI
Dimensions (H x W x D)	17.5 in
Operating Temperature	32 to 113 °F (0 to 45 °C)
Humidity	10 - 95% (non-condensing)