EasyManuals Logo

Cisco WS-C6506 User Manual

Cisco WS-C6506
1488 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #436 background imageLoading...
Page #436 background image
15-40
Catalyst 6500 Series Switch Software Configuration Guide—Release 8.7
OL-8978-04
Chapter 15 Configuring Access Control
Using VACLs in Your Network
Figure 15-8 Dynamic ARP Inspection Flow Chart
Note Only the ARP packets that are sent from an untrusted port are inspected. The ARP packets that are
received from a trusted port are forwarded without inspection (this process applies to both static and
dynamic ARP inspection). By default, the system configures the MSFC port as ARP inspection trusted.
ARP packet
redirected to
NMP
Received
on ARP-
inspection
trusted port?
Match-MAC
enabled?
Source and
payload MAC
match?
Address
validation
enabled?
ARP
inspection ACE
on VLANs
ACL?
Check ARP-
inspection
ACE rules
Match
found?
DAI
enabled on
VLAN?
Entry found
+ lease not
expired?
Payload and
bind entry IP
addresses
match?
Search DHCP
bind entries
wtih payload MAC
address and
VLAN
Valid
Address?
Packet
forwarded
Packet
forwarded
Packet
forwarded
Packet
dropped
Ye s
Ye s
Ye s
Ye s
Ye s
Ye s
Ye s Ye s
Ye s
No
No
Ye s
Ye s
Ye s
Ye s
No
No
No
No
No
No
No
No
ACE action
deny?
113309
Drop
enabled?
Drop
enabled?

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco WS-C6506 and is the answer not in the manual?

Cisco WS-C6506 Specifications

General IconGeneral
BrandCisco
ModelWS-C6506
CategorySwitch
LanguageEnglish

Related product manuals