Edge-Core ECS4660-28F Management Manual page 1148

| General Security Measures
C 29
HAPTER
ARP Inspection
ip arp inspection
log-buffer logs
E
XAMPLE
Console(config)#ip arp inspection filter sales vlan 1
Console(config)#
This command sets the maximum number of entries saved in a log
message, and the rate at which these messages are sent. Use the no form
to restore the default settings.
S
YNTAX
ip arp inspection log-buffer logs message-number interval seconds
no ip arp inspection log-buffer logs
message-number - The maximum number of entries saved in a log
message. (Range: 0-256, where 0 means no events are saved)
seconds - The interval at which log messages are sent.
(Range: 0-86400)
D S
EFAULT ETTING
Message Number: 5
Interval: 1 second
C M
OMMAND ODE
Global Configuration
C U
OMMAND SAGE
◆ ARP Inspection must be enabled with the
before this command will be accepted by the switch.
By default, logging is active for ARP Inspection, and cannot be disabled.
◆
When the switch drops a packet, it places an entry in the log buffer.
◆
Each entry contains flow information, such as the receiving VLAN, the
port number, the source and destination IP addresses, and the source
and destination MAC addresses.
If multiple, identical invalid ARP packets are received consecutively on
◆
the same VLAN, then the logging facility will only generate one entry in
the log buffer and one corresponding system message.
The maximum number of entries that can be stored in the log buffer is
◆
determined by the message-number parameter. If the log buffer fills up
before a message is sent, the oldest entry will be replaced with the
newest one.
The switch generates a system message on a rate-controlled basis
◆
determined by the seconds values. After the system message is
generated, all entries are cleared from the log buffer.
– 1148 –
ip arp inspection command