6.2 Command Examples – ZyXEL Communications ZyXEL Dimension ES-2024PWR User Manual

Chapter 6 ARP Inspection Commands

Ethernet Switch CLI Reference Guide

6.2 Command Examples

This example looks at the current list of MAC address filters that were created because the
Switch identified an unauthorized ARP packet. When the Switch identifies an unauthorized
ARP packet, it automatically creates a MAC address filter to block traffic from the source
MAC address and source VLAN ID of the unauthorized ARP packet.

sysname# show arp inspection filter
Filtering aging timeout : 300

MacAddress VLAN Port Expiry (sec) Reason
----------------- ---- ----- ------------ --------------
Total number of bindings: 0

The following table describes the labels in this screen.

Table 19 show arp inspection filter

| LABEL | DESCRIPTION |
| --- | --- |
| Filtering aging timeout | This field displays how long the MAC address filters remain in the Switch after the Switch identifies an unauthorized ARP packet. The Switch automatically deletes the MAC address filter afterwards. |
| MacAddress | This field displays the source MAC address in the MAC address filter. |
| VLAN | This field displays the source VLAN ID in the MAC address filter. |
| Port | This field displays the source port of the discarded ARP packet. |
| Expiry (sec) | This field displays how long (in seconds) the MAC address filter remains in the Switch. You can also delete the record manually (Delete). |
| Reason | This field displays the reason the ARP packet was discarded. MAC+VLAN: The MAC address and VLAN ID were not in the binding table. IP: The MAC address and VLAN ID were in the binding table, but the IP address was not valid. Port: The MAC address, VLAN ID, and IP address were in the binding table, but the port number was not valid. |

This example looks at log messages that were generated by ARP packets and that have not
been sent to the syslog server yet.

sysname# show arp inspection log
Total Log Buffer Size : 32
Syslog rate : 5 entries per 1 seconds

Port Vlan Sender MAC Sender IP Pkts Reason Time
---- ---- ----------------- --------------- ---- ---------- ---------------------
Total number of logs: 0
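
The check order implied by the Reason values of show arp inspection filter, and the aging of the resulting MAC address filters, as an added Python model (not ZyXEL firmware and not code from this manual). The binding-table fields, class and function names, and sample addresses are assumptions constructed for illustration.

```python
from dataclasses import dataclass

AGING_TIMEOUT = 300  # "Filtering aging timeout" value from the sample output (seconds)


@dataclass(frozen=True)
class Binding:
    mac: str
    vlan: int
    ip: str
    port: int


# Constructed sample binding table (documentation address range, made-up MAC).
BINDINGS = [Binding("00:11:22:33:44:55", 10, "192.0.2.10", 3)]


def inspect_arp(bindings, mac, vlan, ip, port):
    """Return None for an authorized ARP packet, else the Reason string."""
    mac = mac.lower()
    same_host = [b for b in bindings if b.mac == mac and b.vlan == vlan]
    if not same_host:
        return "MAC+VLAN"  # MAC address and VLAN ID not in the binding table
    same_ip = [b for b in same_host if b.ip == ip]
    if not same_ip:
        return "IP"        # MAC and VLAN in the table, IP address not valid
    if not any(b.port == port for b in same_ip):
        return "Port"      # MAC, VLAN and IP in the table, port number not valid
    return None


class FilterTable:
    """MAC address filters keyed by (source MAC, source VLAN ID)."""

    def __init__(self, aging=AGING_TIMEOUT):
        self.aging = aging
        self.entries = {}  # (mac, vlan) -> (port, expires_at, reason)

    def handle(self, bindings, mac, vlan, ip, port, now):
        """Inspect one ARP packet; create a filter if it is unauthorized."""
        reason = inspect_arp(bindings, mac, vlan, ip, port)
        if reason is not None:
            self.entries[(mac.lower(), vlan)] = (port, now + self.aging, reason)
        return reason

    def active(self, now):
        """Age out expired filters, then return (mac, vlan, port, expiry, reason) rows."""
        self.entries = {k: v for k, v in self.entries.items() if v[1] > now}
        return [(m, vl, p, exp - now, r)
                for (m, vl), (p, exp, r) in sorted(self.entries.items())]
```
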