Operation Manual – ARP
H3C S3100 Series Ethernet Switches
Enable the ARP entry
checking function (that is,
disable the switch from
learning ARP entries with
multicast MAC addresses)
Caution:
Static ARP entries are valid as long as the Ethernet switch operates normally. But
some operations, such as removing a VLAN, or removing a port from a VLAN, will
make the corresponding ARP entries invalid and therefore removed automatically.
As for the arp static command, the value of the vlan-id argument must be the ID of
an existing VLAN, and the port identified by the interface-type and interface-number
arguments must belong to the VLAN.
Currently, static ARP entries cannot be configured on the ports of an aggregation
group.
1.2.2 Configuring ARP Source MAC Address Consistency Check
Table 1-5 Configure ARP Source MAC Address Consistency Check
Enter system view
Enable ARP source MAC
address consistency
check
1.2.3 Configuring ARP Attack Detection
Table 1-6 Configure the ARP attack detection function
Enter system view
Enable DHCP snooping
Enter Ethernet port view
Operation
To do...
Operation
system-view
dhcp-snooping
interface interface-type
interface-number
Command
arp check enable
Use the command...
system-view
arp anti-attack
valid-check enable
Command
1-8
Chapter 1 ARP Configuration
Remarks
Optional
By default, the ARP
entry checking
function is enabled.
Remarks
—
Required
Disabled by default.
Remarks
—
Required
By default, the DHCP
snooping function is
disabled.
—