Chapter 2
Catalyst 3560 Switch Cisco IOS Commands
Command History
Release
12.2(20)SE
Usage Guidelines
You can add deny clauses to drop ARP packets based on matching criteria.
Examples
This example shows how to define an ARP access list and to deny both ARP requests and ARP responses
from a host with an IP address of 1.1.1.1 and a MAC address of 0000.0000.abcd:
Switch(config)# arp access-list static-hosts
Switch(config-arp-nacl)# deny ip host 1.1.1.1 mac host 0000.0000.abcd
Switch(config-arp-nacl)# end
You can verify your settings by entering the show arp access-list privileged EXEC command.
Related Commands
Command
arp access-list
ip arp inspection filter vlan
permit (ARP access-list
configuration)
show arp access-list
78-16405-05
Modification
This command was introduced.
Description
Defines an ARP access control list (ACL).
Permits ARP requests and responses from a host configured with a
static IP address.
Permits an ARP packet based on matches against the DHCP bindings.
Displays detailed information about ARP access lists.
deny (ARP access-list configuration)
Catalyst 3560 Switch Command Reference
2-71