Arp Detection Validate; Arp Restricted-Forwarding Enable - HP FlexFabric 7900 Series Command Reference Manual

arp detection validate

Use arp detection validate to enable ARP packet validity check. You can specify one or more objects to
be checked in one command line.
Use undo arp detection validate to disable ARP packet validity check. If no keyword is specified, this
command deletes all objects.
Syntax
arp detection validate { dst-mac | ip | src-mac } *
undo arp detection validate [ dst-mac | ip | src-mac ] *
Default
ARP packet validity check is disabled.
Views
System view
Predefined user roles
network-admin
Parameters
dst-mac: Checks the target MAC address of ARP responses. If the target MAC address is all-zero, all-one,
or inconsistent with the destination MAC address in the Ethernet header, the packet is considered invalid
and discarded.
ip: Checks the sender and target IP addresses of ARP replies, and the sender IP address of ARP requests.
All-one or multicast IP addresses are considered invalid and the corresponding packets are discarded.
src-mac: Checks whether the sender MAC address in the message body is identical to the source MAC
address in the Ethernet header. If they are identical, the packet is forwarded. Otherwise, the packet is
discarded.
Examples
# Enable ARP packet validity check by checking the MAC addresses and IP addresses of ARP packets.
<Sysname> system-view
[Sysname] arp detection validate dst-mac src-mac ip

arp restricted-forwarding enable

Use arp restricted-forwarding enable to enable ARP restricted forwarding.
Use undo arp restricted-forwarding enable to disable ARP restricted forwarding.
Syntax
arp restricted-forwarding enable
undo arp restricted-forwarding enable
Default
ARP restricted forwarding is disabled.
Views
VLAN view
215