Enterasys SecureStack C2 C2G170-24

Enterasys SecureStack C2 C2G170-24

698 pages

To Next Page

To Next Page

To Previous Page

To Previous Page

Loading...

set arpinspection validate

17-22 DHCP Snooping and Dynamic ARP Inspection

set arpinspection validate

UsethiscommandtoconfigureadditionaloptionalARPvalidationparameters.

Syntax

set arpinspection validate {[src-mac] [dst-mac] [ip]}

Parameters

Defaults

Allparametersareoptional,butatleastoneparametermustbespecified.

Mode

Switchcommand,read‐write.

Usage

ThiscommandaddsadditionalvalidationofARPpacketsby DAI,beyondthebasicvalidation

thattheARPpacket’ssenderMACaddressandsenderIPaddressmatchanentryintheDHCP

snoopingbindingsdatabase.

Example

ThisexampleaddstheoptionalverificationthatsenderMACaddressesarethesameasthesource

MACaddressesintheEthernetheadersofARPpackets.

C2(su)->set arpinspection validate src-mac

set arpinspection limit

UsethiscommandtoconfigureratelimitingparametersforincomingARPpacketsonaportor

ports

Syntax

set arpinspection limit port port-string {none | rate pps {burst interval secs]}

src‐mac Specifiesthat DAIshouldverifythatthesenderMACaddressequals

thesourceMACaddressintheEthernetheader.

dst‐mac SpecifiesthatDAIshouldverifythatthetargetMACaddressequalsthe

destinationMACaddressintheEthernetheader.

ThischeckonlyappliestoARPresponses,sincethetargetMAC

address

isunspecifiedinARPrequests.

ip SpecifiesthatDAIshouldchecktheIPaddressanddropARPpackets

withaninvalidaddress.Aninvalidaddressisoneofthefollowing:

• 0.0.0.0

• 255.255.255.255

• All IP multicast addresses

• All class E addresses (240.0.0.0/4)

• Loopback addresses (in the range 127.0.0.0/8)

Table of Contents

Other manuals for Enterasys SecureStack C2 C2G170-24

Hardware Installation Guide74 pages

Related product manuals

Preview: SecureStack C2 C2G124-24

SecureStack C2 C2G124-24

Preview: Enterasys SecureStack C2

Enterasys SecureStack C2

Preview: SecureStack A2 A2H124-24

SecureStack A2 A2H124-24

Preview: SecureStack B3 B3G124-48

SecureStack B3 B3G124-48

SecureStack A2 A2H254-16

Preview: SecureStack B3 B3G124-24P

SecureStack B3 B3G124-24P

Preview: SecureStack B2 B2G124-48P

SecureStack B2 B2G124-48P

Enterasys SSA-G1018-0652

Preview: Enterasys C3G124-24

Enterasys C3G124-24

Preview: Enterasys B5G124-24

Enterasys B5G124-24

Preview: Enterasys 08H20G4-24

Enterasys 08H20G4-24

Preview: Enterasys Matrix-V V2H124-24

Enterasys Matrix-V V2H124-24