Chapter 9
| General Security Measures
ARP Inspection
– 371 –
Example
Console(config)#ip arp inspection vlan 1,2
Console(config)#
ip arp inspection limit This command sets a rate limit for the ARP packets received on a port. Use the no
form to restore the default setting.
Syntax
ip arp inspection limit {rate pps | none}
no ip arp inspection limit
pps - The maximum number of ARP packets that can be processed by the
CPU per second. (Range: 0-2048, where 0 means that no ARP packets can
be forwarded)
none - There is no limit on the number of ARP packets that can be
processed by the CPU.
Default Setting
15
Command Mode
Interface Configuration (Port, Static Aggregation)
Command Usage
â—† This command applies to both trusted and untrusted ports.
â—† When the rate of incoming ARP packets exceeds the configured limit, the
switch drops all ARP packets in excess of the limit.
Example
Console(config)#interface ethernet 1/1
Console(config-if)#ip arp inspection limit rate 150
Console(config-if)#
ip arp inspection trust This command sets a port as trusted, and thus exempted from ARP Inspection. Use
the no form to restore the default setting.
Syntax
[no] ip arp inspection trust
Default Setting
Untrusted
To Next Page
Loading...
Need help?
General