Enterasys b5 - Set Arpinspection Filter; Show Arpinspection Access-List

To Next Page

To Previous Page

set arpinspection filter

17-24 DHCP Snooping and Dynamic ARP Inspection

set arpinspection filter

UsethiscommandtocreateanARPACLandthentoassignanACLtoaVLAN,optionallyasa

staticmapping.

Syntax

set arpinspection filter name {permit ip host sender-ipaddr mac host

sender-macaddr | vlan vlan-range [static]}

Parameters

Defaults

None.

Mode

Switchcommand,read‐write.

Usage

ARPACLsareusedtodefinestaticmappingsforDAI.ARPACLsarecompletelyindependentof

ACLsusedforQoS.Amaximumof100ARPACLscanbeconfigured.WithinanACL,a

maximumof20rulescanbeconfigured.

AstaticmappingassociatesanIPaddresstoaMACaddress

onaVLAN.DAIconsultsitsstatic

mappingsbeforeitconsultstheDHCP snoopingbindingsdatabase—thus,staticmappingshave

precedenceoverDHCPsnoopingbindings.

Example

ThisexamplecreatesanACLnamedstaticARPand createsapermitruleforIPaddress

192.168.1.10.Then,theACLisassignedtoaVLANasastaticmapping.

B5(su)->set arpinspection filter staticARP permit ip host 192.168.1.10 mac host

00:01:22:33:44:55

B5(su)->set arpinspection filter staticARP vlan 10 static

show arpinspection access-list

UsethiscommandtodisplayARPaccesslistconfigurationinformation.

Syntax

show arpinspection access-list [acl-name]

name SpecifiesthenameoftheARPACL.

permit Specifiesthatapermitruleisbeingcreated.

iphostsender‐ipaddr SpecifiestheIPaddressintherulebeingcreated.

machost

sender‐macaddr

SpecifiestheMACaddressintherulebeingcreated.

vlanvlan‐range SpecifiestheVLANorVLANstowhichthisARP

ACLisassigned.

static (Optional)SpecifiesthatthisARPACLconfiguresstaticmappingsfor

theVLANorVLANs.