Chapter 9
| General Security Measures
ARP Inspection
– 371 –
Example
Console(config)#ip arp inspection vlan 1,2
Console(config)#
ip arp inspection limit This command sets a rate limit for the ARP packets received on a port. Use the no
form to restore the default setting.
Syntax
ip arp inspection limit {rate pps | none}
no ip arp inspection limit
pps - The maximum number of ARP packets that can be processed by the
CPU per second. (Range: 0-2048, where 0 means that no ARP packets can
be forwarded)
none - There is no limit on the number of ARP packets that can be
processed by the CPU.
Default Setting
15
Command Mode
Interface Configuration (Port, Static Aggregation)
Command Usage
◆ This command applies to both trusted and untrusted ports.
◆ When the rate of incoming ARP packets exceeds the configured limit, the
switch drops all ARP packets in excess of the limit.
Example
Console(config)#interface ethernet 1/1
Console(config-if)#ip arp inspection limit rate 150
Console(config-if)#
ip arp inspection trust This command sets a port as trusted, and thus exempted from ARP Inspection. Use
the no form to restore the default setting.
Syntax
[no] ip arp inspection trust
Default Setting
Untrusted
To Next Page
Loading...
