Arp Detection Configuration Example 2 - HP A5830 Series Configuration Manual

# Configure the upstream port as a trusted port and the downstream ports as untrusted ports (a port is an
untrusted port by default).
[SwitchB-vlan10] interface gigabitethernet 1/0/3
[SwitchB-GigabitEthernet1/0/3] arp detection trust
[SwitchB-GigabitEthernet1/0/3] quit
After the preceding configurations are complete, when ARP packets arrive at interfaces GigabitEthernet
1/0/1 and GigabitEthernet 1/0/2, they are checked against 802.1X security entries.

ARP detection configuration example 2

Network requirements
Configure Switch A as a DHCP server and enable DHCP snooping on Switch B. Configure Host A as a
DHCP client. Configure Host B whose IP address is 10.1.1.6 and MAC address is 0001-0203-0607.
Enable ARP detection for VLAN 10 to allow only packets from valid clients or hosts to pass.
Figure 76 Network diagram for ARP detection configuration
Switch A
DHCP snooping
Switch B
GE1/0/1
Host A
DHCP client
Configuration procedure
Add all ports on Switch B to VLAN 10, and configure the IP address of VLAN-interface 10 on
1.
Switch A. (Details not shown)
Configure Switch A as a DHCP server.
2.
# Configure DHCP address pool 0.
<SwitchA> system-view
[SwitchA] dhcp enable
[SwitchA] dhcp server ip-pool 0
[SwitchA-dhcp-pool-0] network 10.1.1.0 mask 255.255.255.0
Configure Host A as a DHCP client and Host B as a user, respectively. (Details not shown)
3.
Configure Switch B.
4.
# Enable DHCP snooping.
<SwitchB> system-view
[SwitchB] dhcp-snooping
Gateway
DHCP server
GE1/0/3
Vlan-int10
10.1.1.1/24
VLAN 10
GE1/0/3
GE1/0/2
Host B
10.1.1.6
0001-0203-0607
234