Ip Arp Inspection Rate-Limit - Planet WGSW-28040 Command Manual

The "src-mac" drop ARP requests and reply packets that arp-sender-mac and ethernet-source-mac is not match. The
"dst-mac" drop ARP reply packets that arp-target-mac and ethernet-dst-mac is not match. The "ip" drop ARP request
and reply packets that sender-ip is invalid such as broadcast、multicast、all zero IP address and drop ARP reply
packets that target-ip is invalid. The "allow-zeros" means won't drop all zero IP address. Use the no form of this
command to disable validation.
Example:
The example shows how to set interface gi1 to validate "src-mac" 、 "dst-mac" and "ip allow zeros". You can verify
settings by the following show ip arp inspection interface command.
switch(config)# interface gi1
switch(config-if)# ip arp inspection validate src-mac
switch(config-if)# ip arp inspection validate dst-ma
switch(config-if)# ip arp inspection validate ip allow-zeros
switch(config)# do show ip arp inspection interface gi1
Interfaces | Trust State | Rate (pps) | SMAC Check | DMAC Check | IP Check/Allow Zero |
------------+--------------+--------------+----------------|-----------------+-------------------------+
gi1 | Untrusted | None | enabled | enabled | enabled/ enabled

4.8.5 ip arp inspection rate-limit

Command:
ip arp inspection rate-limit <1-50>
no ip arp inspection rate-limit
Parameter:
<1-50>
Default:
Default is un-limited of ARP packet
Mode:
Interface Configuration
Usage Guide:
Use the ip arp inspection rate-limit command to set rate limitation on interface. The switch drop ARP packets after
receives more than configured rate of packets per second. Use the no form of this command to return to default
settings.
Set 1 to 50 PPS of DHCP packet rate limitation
Command Guide of WGSW-28040
127