Cisco 350 Series Administration Manual page 505
Managed switches
Hide thumbs
Also See for 350 Series:
- Hardware installation manual (96 pages) ,
- Quick start manual (61 pages) ,
- Manual (10 pages)
Table of Contents
Advertisement
17
362
If the ARP Packet Validation option is selected
validation checks are performed:
•
Source MAC — Compares the packet's source MAC address in the Ethernet header
against the sender's MAC address in the ARP request. This check is performed on both
ARP requests and responses.
•
Destination MAC — Compares the packet's destination MAC address in the Ethernet
header against the destination interface's MAC address. This check is performed for
ARP responses.
•
IP Addresses — Compares the ARP body for invalid and unexpected IP addresses.
Addresses include 0.0.0.0, 255.255.255.255, and all IP Multicast addresses.
Packets with invalid ARP Inspection bindings are logged and dropped.
Up to 1024 entries can be defined in the ARP Access Control table.
Interaction Between ARP Inspection and DHCP Snooping
If DHCP Snooping is enabled, ARP Inspection uses the DHCP Snooping Binding database in
addition to the ARP access control rules. If DHCP Snooping is not enabled, only the ARP
access control rules are used.
(Properties
Cisco 350, 350X and 550X Series Managed Switches, Firmware Release 2.4, ver 0.4
ARP Inspection
page), the following additional
Security
Hide quick links:
Advertisement
Table of Contents
