340
• ip: Checks the sender and target IP addresses in an ARP packet. Any all-zero, all-one or multicast IP
addresses are considered invalid and the corresponding packets are discarded. With this object
specified, the sender and target IP addresses of ARP replies, and the source IP address of ARP
requests are checked.
Follow these steps to configure ARP detection based on specified objects:
To do… Use the command…
Remarks
Enter system view system-view —
Enter VLAN view vlan vlan-id —
Enable ARP detection for the VLAN arp detection enable
Required
Disabled by default.
Return to system view quit —
Specify the objects to be checked
arp detection validate { dst-mac |
ip | src-mac } *
Required
Disabled by default.
Enter Layer 2 Ethernet port/Layer 2
aggregate interface view
interface interface-type
interface-number
—
Configure the port as a trusted port
on which ARP detection does not
apply
arp detection trust
Optional
The port is an untrusted port by
default.
Configuring ARP restricted forwarding
ARP restricted forwarding controls the forwarding of ARP packets that are received on untrusted ports
and have passed ARP detection in the following cases:
• If the packets are ARP requests, they are forwarded through the trusted ports.
• If the packets are ARP responses, they are forwarded according to their destination MAC address.
If no match is found in the MAC address table, they are forwarded through the trusted ports.
Before performing the following configuration, make sure you have configured the arp detection enable
command.
Follow these steps to enable ARP restricted forwarding:
To do… Use the command…
Remarks
Enter system view system-view —
Enter VLAN view vlan vlan-id —
Enable ARP restricted forwarding arp restricted-forwarding enable
Required
Disabled by default.
Displaying and maintaining ARP detection
To do… Use the command…
Remarks
Display the VLANs enabled
with ARP detection
display arp detection [ | { begin | exclude |
include } regular-expression ]
Available in any view
To Next Page
Loading...
Need help?
General