43 Dynamic ARP Inspection
Configuration
43.1 Understanding DAI
DAI, an acronym of Dynamic ARP Inspection, refers to validity inspection of received ARP
packets. Illegal ARP packets will be discarded.
43.1.1 Understanding ARP Spoofing Attack
ARP itself does not check the validity of incoming ARP packets. Due to the drawback of ARP,
attackers can launch ARP spoofing attacks easily. The most typical one is the intermediary
attack, which is described as follows:
Figure 43-1
As shown in the diagram, devices A, B and C are connected to DGS-3610 series and
located in the same subnet. Their IP and MAC addresses are respectively represented with
(IPA, MACA), (IPB, MACB) and (IPC, MACC). When device A needs to communicate with
device B in the network layer, device A broadcasts an ARP request in the subnet to query the
MAC value of device B. Upon receiving this ARP request packet, device B updates its ARP
To Next Page
Loading...
