Arp Detection Trust - 3Com 5500-EI PWR Reference Manual
Hide thumbs
Also See for 5500-EI PWR:
- Install manual (1072 pages) ,
- Getting started manual (118 pages) ,
- Quick reference manual (59 pages)
Table of Contents
Advertisement
Description
Use the arp detection enable command to enable the ARP attack detection function on all ports in the
specified VLAN. When receiving an ARP packet from a port in this VLAN, the switch will check the
source IP address, source MAC address, number of the receiving port, and the VLAN of the port. If the
mapping of the source IP address and source MAC address is not included in the DHCP snooping
entries or IP static binding entries, or the number of the receiving port and the VLAN of the port do not
match the DHCP snooping entries or IP static binding entries, the ARP packet will be discarded.
Use the undo arp detection enable command to disable the ARP attack detection function on all ports
in the specified VLAN.
By default, ARP attack detection is disabled on the switch.
Examples
# Enable ARP attack detection on all ports in VLAN 1.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] vlan 1
[Sysname-vlan1] arp detection enable
arp detection trust
Syntax
arp detection trust
undo arp detection trust
View
Ethernet port view
Parameters
None
Description
Use the arp detection trust command to specify the current port as a trusted port, that is, ARP packets
received on this port are regarded as legal ARP packets and will not be checked.
Use the undo arp detection trust command to specify the current port as an untrusted port in ARP
detection.
By default, a port is an untrusted port in ARP detection.
Examples
# Specify Ethernet 1/0/11 as the trusted port in ARP detection.
<Sysname> system-view
System View: return to User View with Ctrl+Z.
[Sysname] interface Ethernet 1/0/11
[Sysname-Ethernet1/0/11] arp detection trust
2-2
Advertisement
Chapters
Table of Contents
