beautypg.com

Displaying arp inspection statistics, Figure 220 c – Brocade 6910 Ethernet Access Switch Configuration Guide (Supporting R2.2.0.0) User Manual

Page 961

background image

Brocade 6910 Ethernet Access Switch Configuration Guide

905

53-1002651-02

42

ARP Inspection

By default, all untrusted ports are subject to ARP packet rate limiting, and all trusted ports are
exempt from ARP packet rate limiting.

Packets arriving on trusted interfaces bypass all ARP Inspection and ARP Inspection Validation
checks and will always be forwarded, while those arriving on untrusted interfaces are subject
to all configured ARP inspection tests.

Packet Rate Limit – Sets the maximum number of ARP packets that can be processed by CPU
per second on trusted or untrusted ports. (Range: 0-2048; Default: 15)
Setting the rate limit to “0” means that there is no restriction on the number of ARP packets
that can be processed by the CPU.

The switch will drop all ARP packets received on a port which exceeds the configured
ARP-packets-per-second rate limit.

Interface
To configure interface settings for ARP Inspection:

1. Click Security, ARP Inspection.

2. Select Configure Interface from the Step list.

3. Specify any untrusted ports which require ARP inspection, and adjust the packet inspection

rate.

4. Click Apply.

FIGURE 220

Configuring Interface Settings for ARP Inspection

Displaying ARP Inspection Statistics

Use the Security > ARP Inspection (Show Information - Show Statistics) page to display statistics
about the number of ARP packets processed, or dropped for various reasons.

CLI References

“show ip arp inspection statistics”

on page 231