Table of Contents
Advertisement
D
EFAULT
Disabled on all VLANs
C
OMMAND
Global Configuration
C
OMMAND
◆
◆
◆
◆
◆
◆
E
XAMPLE
Console(config)#ip arp inspection vlan 1,2
Console(config)#
This command sets a rate limit for the ARP packets received on a port. Use
ip arp inspection
the no form to restore the default setting.
limit
S
YNTAX
D
EFAULT
15
S
ETTING
M
ODE
U
SAGE
When ARP Inspection is enabled globally with the
command, it becomes active only on those VLANs where it has been
enabled with this command.
When ARP Inspection is enabled globally and enabled on selected
VLANs, all ARP request and reply packets on those VLANs are
redirected to the CPU and their switching is handled by the ARP
Inspection engine.
When ARP Inspection is disabled globally, it becomes inactive for all
VLANs, including those where ARP Inspection is enabled.
When ARP Inspection is disabled, all ARP request and reply packets
bypass the ARP Inspection engine and their manner of switching
matches that of all other packets.
Disabling and then re-enabling global ARP Inspection will not affect the
ARP Inspection configuration for any VLANs.
When ARP Inspection is disabled globally, it is still possible to configure
ARP Inspection for individual VLANs. These configuration changes will
only become active after ARP Inspection is globally enabled again.
ip arp inspection limit {rate pps | none}
no ip arp inspection limit
pps - The maximum number of ARP packets that can be processed
by the CPU per second. (Range: 0-2048, where 0 means that no
ARP packets can be forwarded)
none - There is no limit on the number of ARP packets that can be
processed by the CPU.
S
ETTING
– 743 –
| General Security Measures
C
28
HAPTER
ip arp inspection
ARP Inspection
- Quick Links:
- Port Configuration
- Connecting to the Switch
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
