5 anti-arpscan trust ip, Anti, Arpscan trust ip – PLANET XGS3-24040 User Manual
Page 290
18-3
Command Mode:
Port configuration mode
User Guide:
If a port is configured as a trusted port, then the ARP scanning prevention function will not deal with
this port, even if the rate of received ARP messages exceeds the set threshold, this port will not be
closed, but the non- trustful IP of this port will still be checked. If a port is set as a super non- trustful
port, then neither the port nor the IP of the port will be dealt with. If the port is already closed by ARP
scanning prevention, it will be opened right after being set as a trusted port.
When remotely managing a switch with a method like telnet, users should set the uplink port as a
Super Trust port before enabling anti-ARP-scan function, preventing the port from being shutdown
because of receiving too many ARP messages. After the anti-ARP-scan function is disabled, this
port will be reset to its default attribute, that is, Untrust port.
Example:
Set port ethernet 4/5 of the switch as a trusted port.
Switch(config)#in e4/5
Switch(Config-If-Ethernet4/5)# anti-arpscan trust port
18.5 anti-arpscan trust ip
Command:
anti-arpscan trust ip
no anti-arpscan trust ip <ip-address> [
Function:
Configure trusted IP;” no anti-arpscan trust ip <ip-address> [<netmask>]”command reset the IP
to non-trustful IP.
Parameters:
<ip-address>: Configure trusted IP address; <netmask>: Net mask of the IP.
Default Settings:
By default all the IP are non-trustful. Default mask is 255.255.255.255
Command Mode:
Global configuration mode
User Guide:
If a port is configured as a trusted port, then the ARP scanning prevention function will not deal with
this port, even if the rate of received ARP messages exceeds the set threshold, this port will not be
closed. If the port is already closed by ARP scanning prevention, its traffic will be recovered right
immediately.
Example:
Set 192.168.1.0/24 as trusted IP.
Switch(config)#anti-arpscan trust ip 192.168.1.0 255.255.255.0