DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Configures the DAI logging buffer size. The no option
reverts to the default buffer size, which is 32 messages. The
buffer size can be between 1 and 1024 messages.
[no] ip arp inspection log-buffer entries number
Example:
switch(config)# ip arp inspection log-buffer
entries 64
Step 2
Displays the DHCP snooping configuration, including the
DAI configuration.
(Optional) show running-config dhcp
Example:
Step 3
switch(config)# show running-config dhcp
Copies the running configuration to the startup
configuration.
(Optional) copy running-config startup-config
Example:
Step 4
switch(config)# copy running-config startup-config
Configuring DAI Log Filtering
You can configure how the device determines whether to log a DAI packet. By default, the device logs DAI
packets that are dropped.
SUMMARY STEPS
1. configure terminal
2. [no] ip arp inspection vlan vlan-list logging dhcp-bindings {all | none | permit}
3. (Optional) show running-config dhcp
4. (Optional) copy running-config startup-config
DETAILED STEPS
PurposeCommand or Action
Enters global configuration mode.configure terminal
Example:
Step 1
switch# configure terminal
switch(config)#
Configures DAI log filtering, as follows. The no form of
this command removes DAI log filtering.
[no] ip arp inspection vlan vlan-list logging
dhcp-bindings {all | none | permit}
Step 2
Example:
• all—Logs all packets that match DHCP bindings.
switch(config)# ip arp inspection vlan 100
dhcp-bindings permit
• none—Does not log packets that match DHCP
bindings.
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
398
Configuring Dynamic ARP Inspection
Configuring DAI Log Filtering
To Next Page
Loading...
