273
Configuring ARP restricted forwarding
ARP restricted forwarding controls the forwarding of ARP packets that are received on untrusted ports and
have passed ARP detection in the following cases:
ï‚· If the packets are ARP requests, they are forwarded through the trusted ports.
ï‚· If the packets are ARP responses, they are forwarded according to their destination MAC address. If
no match is found in the MAC address table, they are forwarded through the trusted ports.
Before performing the following configuration, make sure you have configured the arp detection enable
command.
Follow these steps to enable ARP restricted forwarding:
Enable ARP restricted forwarding
arp restricted-forwarding enable
Required
Disabled by default.
Displaying and maintaining ARP detection
Display the VLANs enabled
with ARP detection
display arp detection [ | { begin | exclude |
include } regular-expression ]
Display the ARP detection
statistics
display arp detection statistics [ interface
interface-type interface-number ] [ | { begin |
exclude | include } regular-expression ]
Clear the ARP detection
statistics
reset arp detection statistics [ interface interface-
type interface-number ]
ARP detection configuration example I
Network requirements
As shown in Figure 84, configure Switch A as a DHCP server and enable DHCP snooping on Switch B.
Configure Host A as a DHCP client. Configure Host B whose IP address is 10.1.1.6 and MAC address is
0001-0203-0607. Enable ARP detection for VLAN 10 to allow only packets from valid clients or hosts to
pass.
To Next Page
Loading...
Need help?
General