Arp Detection Trust; Arp Detection Validate - HP 6125G Command Reference Manual
Security command reference
Hide thumbs
Also See for 6125G:
- Command reference manual (426 pages) ,
- Configuration manual (379 pages) ,
- Release note (60 pages)
Table of Contents
Advertisement
arp detection trust
Syntax
arp detection trust
undo arp detection trust
View
Layer 2 Ethernet interface view, Layer 2 aggregate interface view
Default level
2: System level
Parameters
None
Description
Use arp detection trust to configure the port as an ARP trusted port.
Use undo arp detection trust to restore the default.
By default, the port is an ARP untrusted port.
Examples
# Configure layer 2 Ethernet port GigabitEthernet 1/0/1 as an ARP trusted port.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] arp detection trust
arp detection validate
Syntax
arp detection validate { dst-mac | ip | src-mac } *
undo arp detection validate [ dst-mac | ip | src-mac ] *
View
System view
Default level
2: System level
Parameters
dst-mac: Checks the target MAC address of ARP responses. If the target MAC address is all-zero, all-one,
or inconsistent with the destination MAC address in the Ethernet header, the packet is considered invalid
and discarded.
ip: Checks the source and destination IP addresses of ARP packets. The all-zero, all-one or multicast IP
addresses are considered invalid and the corresponding packets are discarded. With this keyword
specified, the source and destination IP addresses of ARP replies, and the source IP address of ARP
requests will be checked.
src-mac: Checks whether the sender MAC address of an ARP packet is identical to the source MAC
address in the Ethernet header. If they are identical, the packet is considered valid; otherwise, the packet
is discarded.
261
Advertisement
Table of Contents
