C
HAPTER
25
| General Security Measures
ARP Inspection
– 679 –
COMMAND MODE
Interface Configuration (Port)
COMMAND USAGE
â—† This command only applies to untrusted ports.
â—† When the rate of incoming ARP packets exceeds the configured limit,
the switch drops all ARP packets in excess of the limit.
EXAMPLE
Console(config)#interface ethernet 1/1
Console(config-if)#ip arp inspection limit 150
Console(config-if)#
ip arp inspection
trust
This command sets a port as trusted, and thus exempted from ARP
Inspection. Use the no form to restore the default setting.
SYNTAX
[no] ip arp inspection trust
DEFAULT SETTING
Untrusted
COMMAND MODE
Interface Configuration (Port)
COMMAND USAGE
Packets arriving on untrusted ports are subject to any configured ARP
Inspection and additional validation checks. Packets arriving on trusted
ports bypass all of these checks, and are forwarded according to normal
switching rules.
EXAMPLE
Console(config)#interface ethernet 1/1
Console(config-if)#ip arp inspection trust
Console(config-if)#
To Next Page
Loading...
Need help?
General