beautypg.com

Ip arp inspection filter – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual

Page 282

background image

226

Brocade 6910 Ethernet Access Switch Configuration Guide

53-1002651-02

10

ARP Inspection

Command Mode
Global Configuration

Command Usage

When ARP Inspection is enabled globally with this command, it becomes active only on those
VLANs where it has been enabled with the

ip arp inspection vlan

command.

When ARP Inspection is enabled globally and enabled on selected VLANs, all ARP request and
reply packets on those VLANs are redirected to the CPU and their switching is handled by the
ARP Inspection engine.

When ARP Inspection is disabled globally, it becomes inactive for all VLANs, including those
where ARP Inspection is enabled.

When ARP Inspection is disabled, all ARP request and reply packets bypass the ARP Inspection
engine and their manner of switching matches that of all other packets.

Disabling and then re-enabling global ARP Inspection will not affect the ARP Inspection
configuration for any VLANs.

When ARP Inspection is disabled globally, it is still possible to configure ARP Inspection for
individual VLANs. These configuration changes will only become active after ARP Inspection is
globally enabled again.

Example

Console(config)#ip arp inspection

Console(config)#

ip arp inspection filter

This command specifies an ARP ACL to apply to one or more VLANs. Use the no form to remove an
ACL binding.

Syntax

ip arp inspection filter arp-acl-name vlan {vlan-id | vlan-range} [static]

arp-acl-name - Name of an ARP ACL. (Maximum length: 16 characters)

vlan-id - VLAN ID. (Range: 1-4093)

vlan-range - A consecutive range of VLANs indicated by the use a hyphen, or a random
group of VLANs with each entry separated by a comma.

static - ARP packets are only validated against the specified ACL, address bindings in the
DHCP snooping database is not checked.

Default Setting
ARP ACLs are not bound to any VLAN
Static mode is not enabled

Command Mode
Global Configuration

Command Usage

ARP ACLs are configured with the commands described under

“Configuring an ARP ACL”

on

page 896.

See also other documents in the category Brocade Computer Accessories: