Displaying Arp Inspection Status And Ports - Dell PowerConnect B-RX Configuration Manual
Bigiron rx series supporting multi-service ironware v02.7.03
Hide thumbs
Also See for PowerConnect B-RX:
- Configuration manual (1458 pages) ,
- Getting started manual (32 pages) ,
- Installation manual (240 pages)
Table of Contents
Advertisement
35
Dynamic ARP inspection
Configuring an inspection ARP entry
Static ARP and static inspection ARP entries need to be configured for hosts on untrusted ports.
Otherwise, when DAI checks ARP packets from these hosts against entries in the ARP table, it will
not find any entries for them, and the Brocade device will not allow and learn ARP from an
untrusted host.
When the inspection ARP entry is resolved with the correct IP/MAC mapping, its status changes
from pending to valid.
To configure an inspection ARP entry, enter commands such as the following.
BigIron RX(config)#arp 20.20.20.12
0001.0002.0003 inspection
The commands defines an inspection ARP entry, mapping a device's IP address 20.20.20.12 with
its MAC address 0001.0002.0003.
Syntax: [no] arp <index> <ip-addr> <mac-addr> inspection
The index can be from 1 up to the maximum number of static entries allowed.
The <ip-addr> <mac-addr> parameter specifies a device's IP address and MAC address pairing.
Enabling DAI on a VLAN
DAI is disabled by default. To enable DAI on an existing VLAN, enter the following command.
BigIron RX(config)#ip arp inspection vlan 2
The command enables DAI on VLAN 2. ARP packets from untrusted ports in VLAN 2 will undergo
DAI inspection.
Syntax: [no] ip arp inspection vlan <vlan-number>
The <vlan-number> variable specifies the ID of a configured VLAN.
Enabling trust on a port
The default trust setting for a port is untrusted. For ports that are connected to host ports, leave
their trust settings as untrusted.
To enable trust on a port, enter commands such as the following.
BigIron RX(config)#interface ethernet 1/4
BigIron RX(config-if-e10000-1/4)#arp inspection trust
The commands change the CLI to the interface configuration level of port 1/4 and set the trust
setting of port 1/4 to trusted.
Syntax: [no] arp inspection trust
Displaying ARP inspection status and ports
To display the ARP inspection status for a VLAN and the trusted or untrusted ports in the VLAN,
enter the following command.
986
BigIron RX Series Configuration Guide
53-1001986-01
Advertisement
Chapters
Table of Contents
