Configuring vlan settings for arp inspection, Figure 218 confi – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual
Page 959
Brocade 6910 Ethernet Access Switch Configuration Guide
903
53-1002651-02
42
ARP Inspection
•
Log Interval – The interval at which log messages are sent. (Range: 0-86400 seconds;
Default: 1 second)
Interface
To configure global settings for ARP Inspection:
1. Click Security, ARP Inspection.
2. Select Configure General from the Step list.
3. Enable ARP inspection globally, enable any of the address validation options, and adjust any of
the logging parameters if required.
4. Click Apply.
FIGURE 218
Configuring Global Settings for ARP Inspection
Configuring VLAN Settings for ARP Inspection
Use the Security > ARP Inspection (Configure VLAN) page to enable ARP inspection for any VLAN
and to specify the ARP ACL to use.
CLI References
•
Command Usage
ARP Inspection VLAN Filters (ACLs)
•
By default, no ARP Inspection ACLs are configured and the feature is disabled.
•
ARP Inspection ACLs are configured within the ARP ACL configuration page (see
•
ARP Inspection ACLs can be applied to any configured VLAN.
•
ARP Inspection uses the DHCP snooping bindings database for the list of valid IP-to-MAC
address bindings. ARP ACLs take precedence over entries in the DHCP snooping bindings
database. The switch first compares ARP packets to any specified ARP ACLs.
•
If Static is specified, ARP packets are only validated against the selected ACL – packets are
filtered according to any matching rules, packets not matching any rules are dropped, and the
DHCP snooping bindings database check is bypassed.
•
If Static is not specified, ARP packets are first validated against the selected ACL; if no ACL
rules match the packets, then the DHCP snooping bindings database determines their validity.