Verifying Dynamic Arp Protection Configuration; Displaying Arp Packet Statistics; Monitoring Dynamic Arp Protection - HP 2530 Manual Supplement

Verifying Dynamic ARP protection configuration

To display the current configuration of dynamic ARP protection, including additional validation
checks and the trusted ports that are configured, enter the show arp-protect command:
Example 9 The show arp-protect command
HP Switch(config)# show arp-protect
ARP Protection Information
Enabled Vlans : 1-4094
Validate : dest-mac, src-mac
Port Trust
----- -----
5 Yes
6 Yes
7 No
8 No
9 No

Displaying ARP packet statistics

To display statistics about forwarded ARP packets, dropped ARP packets, MAC validation failure,
and IP validation failures, enter the show arp-protect statistics VLAN-ID-RANGE
command:
Example 10 The show arp-protect statistics command
HP Switch(config)# show arp-protect statistics 1-2
Status and Counters - ARP Protection Counters for VLAN 1
Forwarded pkts : 10
Bad bindings
Malformed pkts : 0
Status and Counters - ARP Protection Counters for VLAN 2
Forwarded pkts : 1
Bad bindings
Malformed pkts : 1

Monitoring dynamic ARP protection

With dynamic ARP protection enabled, you can monitor and troubleshoot the validation of ARP
packets with the debug arp-protect command. Use this command to debug the following
conditions:
The switch drops valid ARP packets that should be allowed.
The switch allows invalid ARP packets that should be dropped.
Bad source mac
: 1 Bad destination mac: 1
Bad IP address
Bad source mac
: 1 Bad destination mac: 1
Bad IP address
: 2
: 0
: 1
: 1
Dynamic ARP protection 19