Chapter 25 IP Source Guard
GS3700/XGS3700 Series User’s Guide
283
Figure 195 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > Configure
The following table describes the labels in this screen.
Table 132 IP Source Guard > IPv4 Source Guard Setup > ARP Inspection > Configure
LABEL DESCRIPTION
Active Select this to enable ARP inspection on the Switch. You still have to enable ARP
inspection on specific VLAN and specify trusted ports.
Filter Aging Time
Filter aging time This setting has no effect on existing MAC address filters.
Enter how long (1-2147483647 seconds) the MAC address filter remains in the Switch
after the Switch identifies an unauthorized ARP packet. The Switch automatically deletes
the MAC address filter afterwards. Type 0 if you want the MAC address filter to be
permanent.
Log Profile
Log buffer size Enter the maximum number (1-1024) of log messages that were generated by ARP
packets and have not been sent to the syslog server yet. Make sure this number is
appropriate for the specified Syslog rate and Log interval.
If the number of log messages in the Switch exceeds this number, the Switch stops
recording log messages and simply starts counting the number of entries that were
dropped due to unavailable buffer. Click Clearing log status table in the ARP
I nspection Log Status screen to clear the log and reset this counter. See
Section
25.7.2 on page 281
.
Syslog rate Type the maximum number of syslog messages the Switch can send to the syslog
server in one batch. This number is expressed as a rate because the batch frequency is
determined by the Log I nterval. You must configure the syslog server (
Chapter 50 on
page 485
) to use this. Enter 0 if you do not want the Switch to send log messages
generated by ARP packets to the syslog server.
The relationship between Syslog rate and Log interval is illustrated in the following
examples:
• 4 invalid ARP packets per second, Syslog rate is 5, Log interval is 1: the Switch
sends 4 syslog messages every second.
• 6 invalid ARP packets per second, Syslog rate is 5, Log interval is 2: the Switch
sends 5 syslog messages every 2 seconds.
Log interval Type how often (1-86400 seconds) the Switch sends a batch of syslog messages to the
syslog server. Enter 0 if you want the Switch to send syslog messages immediately. See
Syslog rate for an example of the relationship between Syslog rate and Log interval.
To Next Page
Loading...
