Chapter 77 IP Source Guard
OLT2406 User’s Guide
556
• Displays DHCP snooping configuration details.
77.6 ARP Inspection Commands
Use ARP inspection to look at the current list of MAC address filters that were created because the OLT
identified an unauthorized ARP packet. When the OLT identifies an unauthorized ARP packet, it
automatically creates a MAC address filter to block traffic from the source MAC address and source
VLAN ID of the unauthorized ARP packet.
Use these commands to filter unauthorized ARP packets in your network.
OLT2406(config)# dhcp snooping
OLT2406(config)# dhcp snooping database tftp://172.16.37.17/
snoopdata.txt
OLT2406(config)# dhcp snooping vlan 1,2,3,200,300
OLT2406(config)# dhcp snooping vlan 1,2,3,200,300 option
OLT2406(config)# interface port-channel ge-5-1&&-4
OLT2406(config-interface)# dhcp snooping trust
OLT2406(config-interface)# dhcp snooping limit rate 100
OLT2406(config-interface)# exit
OLT2406(config)# dhcp dhcp-vlan 300
OLT2406(config)# exit
OLT2406# show dhcp snooping
Switch DHCP snooping is enabled
DHCP Snooping is configured on the following VLANs:
1-3,200,300
Option 82 is configured on the following VLANs:
1-3,200,300
Appending system name is configured on the following VLANs:
DHCP VLAN is enabled on VLAN 300
Interface Trusted Rate Limit (pps)
--------- ------- ----------------
ge-5-1 yes 100
ge-5-2 yes 100
ge-5-3 yes 100
ge-5-4 yes 100
ge-6-1 no unlimited
ge-6-2 no unlimited
ge-6-3 no unlimited
ge-6-4 no unlimited
Table 285 ARP Inspection Commands
COMMAND DESCRIPTION M P
arp inspection
Enables ARP inspection on the OLT. You still have
to enable ARP inspection on specific VLAN and
specify trusted ports.
C13
no arp inspection
Disables ARP inspection on the OLT. C 13
show arp inspection
Displays ARP inspection configuration details. E 3
clear arp inspection statistics
Removes all ARP inspection statistics on the OLT. E 13
clear arp inspection statistics
vlan <vlan-list>
Removes ARP inspection statistics for the
specified VLAN(s).
E13
To Next Page
Loading...
