2-305
Catalyst 4500 Series Switch Cisco IOS Command Reference—Release IOS XE 3.4.0SG and IOS 15.1(2)SG)
OL-27596 -01
Chapter 2 Cisco IOS Commands for the Catalyst 4500 Series Switches
ip arp inspection vlan logging
ip arp inspection vlan logging
To control the type of packets that are logged, use the ip arp inspection vlan logging command. To
disable this logging control, use the no form of this command.
ip arp inspection vlan vlan-range logging {acl-match {matchlog | none} | dhcp-bindings
{permit | all | none}}
no ip arp inspection vlan vlan-range logging {acl-match | dhcp-bindings}
Syntax Description
Defaults All denied or dropped packets are logged.
Command Modes Global configuration mode
Command History
Usage Guidelines The acl-match and dhcp-bindings keywords merge with each other. When you set an ACL match
configuration, the DHCP bindings configuration is not disabled. You can use the no form of this
command to reset some of the logging criteria to their defaults. If you do not specify either option, all
the logging types are reset to log on when the ARP packets are denied. The two options that are available
to you are as follows:
• acl-match—Logging on ACL matches is reset to log on deny
• dhcp-bindings—Logging on DHCP binding compared is reset to log on deny
vlan-range Number of the VLANs to be mapped to the specified instance. The number is
entered as a single value or a range; valid values are from 1 to 4094.
acl-match Specifies the logging criteria for packets that are dropped or permitted based on
ACL matches.
matchlog Specifies that logging of packets matched against ACLs is controlled by the
matchlog keyword in the permit and deny access control entries of the ACL.
Note By default, the matchlog keyword is not available on the ACEs. When the
keyword is used, denied packets are not logged. Packets are logged only
when they match against an ACE that has the matchlog keyword.
none Specifies that ACL-matched packets are not logged.
dhcp-bindings Specifies the logging criteria for packets dropped or permitted based on matches
against the DHCP bindings.
permit Specifies logging when permitted by DHCP bindings.
all Specifies logging when permitted or denied by DHCP bindings.
none Prevents all logging of packets permitted or denied by DHCP bindings.
Release Modification
12.1(19)EW Support for this command was introduced on the Catalyst 4500 series switch.