Ip Arp Inspection Validate - Cisco 300 Series Cli Manual

Small business 300 series managed switches command line interface guide release 1.3

Hide thumbs Also See for 300 Series:

Table of Contents

DHCP Snooping and ARP Inspection Commands

ip arp inspection trust

no ip arp inspection trust

Default Configuration

The interface is untrusted.

Command Mode

Interface Configuration (Ethernet, Port-channel) mode

User Guidelines

The device does not check ARP packets that are received on the trusted interface;

it only forwards the packets.

For untrusted interfaces, the device intercepts all ARP requests and responses. It

verifies that the intercepted packets have valid IP-to-MAC address bindings

before updating the local cache and before forwarding the packet to the

appropriate destination. The device drops invalid packets and logs them in the log

buffer according to the logging configuration specified with the ip arp inspection

log-buffer vlan Global Configuration mode command.

The following example configures gi3 as a trusted interface.

switchxxxxxx(config)#

interface gi3

switchxxxxxx(config-if)#

ip arp inspection trust

42.23 ip arp inspection validate

Use the ip arp inspection validate Global Configuration mode command to

perform specific checks for dynamic Address Resolution Protocol (ARP)

inspection. Use the no form of this command to restore the default configuration.

78-21075-01 Command Line Interface Reference Guide