Security
ARP Inspection
362 Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
17
If the ARP Packet Validation option is selected (Properties page), the following additional
validation checks are performed:
• Source MAC — Compares the packet’s source MAC address in the Ethernet header
against the sender’s MAC address in the ARP request. This check is performed on both
ARP requests and responses.
• Destination MAC — Compares the packet’s destination MAC address in the Ethernet
header against the destination interface’s MAC address. This check is performed for
ARP responses.
• IP Addresses — Compares the ARP body for invalid and unexpected IP addresses.
Addresses include 0.0.0.0, 255.255.255.255, and all IP Multicast addresses.
Packets with invalid ARP Inspection bindings are logged and dropped.
Up to 1024 entries can be defined in the ARP Access Control table.
Interaction Between ARP Inspection and DHCP Snooping
If DHCP Snooping is enabled, ARP Inspection uses the DHCP Snooping Binding database in
addition to the ARP access control rules. If DHCP Snooping is not enabled, only the ARP
access control rules are used.
To Next Page
Loading...
