Ip arp inspection log-buffer logs, Ip arp inspection log-buffer, Logs – LevelOne GTL-2691 User Manual
Page 963
C
HAPTER
29
| General Security Measures
ARP Inspection
– 963 –
E
XAMPLE
Console(config)#ip arp inspection filter sales vlan 1
Console(config)#
ip arp inspection
log-buffer logs
This command sets the maximum number of entries saved in a log
message, and the rate at which these messages are sent. Use the no form
to restore the default settings.
S
YNTAX
ip arp inspection log-buffer logs message-number interval seconds
no ip arp inspection log-buffer logs
message-number - The maximum number of entries saved in a log
message. (Range: 0-256, where 0 means no events are saved)
seconds - The interval at which log messages are sent.
(Range: 0-86400)
D
EFAULT
S
ETTING
Message Number: 5
Interval: 1 second
C
OMMAND
M
ODE
Global Configuration
C
OMMAND
U
SAGE
◆
ARP Inspection must be enabled with the
command
before this command will be accepted by the switch.
◆
By default, logging is active for ARP Inspection, and cannot be disabled.
◆
When the switch drops a packet, it places an entry in the log buffer.
Each entry contains flow information, such as the receiving VLAN, the
port number, the source and destination IP addresses, and the source
and destination MAC addresses.
◆
If multiple, identical invalid ARP packets are received consecutively on
the same VLAN, then the logging facility will only generate one entry in
the log buffer and one corresponding system message.
◆
The maximum number of entries that can be stored in the log buffer is
determined by the message-number parameter. If the log buffer fills up
before a message is sent, the oldest entry will be replaced with the
newest one.
◆
The switch generates a system message on a rate-controlled basis
determined by the seconds values. After the system message is
generated, all entries are cleared from the log buffer.