Displaying And Maintaining Arp Attack Detection; User Validity Check And Arp Packet Validity Check Configuration Example - HPE FlexNetwork 5510 HI Series Security Configuration Manual

The following is an example of an ARP attack detection log message:
Detected an inspection occurred on interface GigabitEthernet1/0/1 with IP address
172.18.48.55 (Total 10 packets dropped).
To enable ARP attack detection logging:
Step
1. Enter system view.
2. Enable
detection logging.

Displaying and maintaining ARP attack detection

Execute display commands in any view and reset commands in user view.
Task
Display the VLANs enabled with
ARP attack detection.
Display the ARP attack detection
statistics.
Clear the ARP attack detection
statistics.
User validity check and ARP packet validity check
configuration example
Network requirements
As shown in
VLAN 10. Switch B performs ARP packet validity check and user validity check based on static IP
source guard bindings and DHCP snooping entries for connected hosts.
Figure 126 Network diagram
Switch A
DHCP snooping
Switch B
GE1/0/1
Host A
DHCP client
Command
system-view
ARP attack
arp detection log enable
Figure 126, configure DHCP snooping on Switch B, and enable ARP attack detection in
Gateway
DHCP server
GE1/0/3
Vlan-int10
10.1.1.1/24
VLAN 10
GE1/0/3
GE1/0/2
Host B
10.1.1.6
0001-0203-0607
Command
display arp detection
display arp detection
interface-number ]
reset arp detection
interface-number ]
423
Remarks
N/A
By default, ARP attack detection
logging is disabled.
statistics [ interface
statistics [ interface
interface-type
interface-type