2 ipv6 nd-security updateprotect, 3 ip arp-security learnprotect, Security updateprotect – PLANET XGS3-24040 User Manual

19-9

19.2 ipv6 nd-security updateprotect

Command:

ipv6 nd-security updateprotect

no ipv6 nd-security updateprotect

Function:

Forbid ND automatic update function of IPv6 Version, the “no ipv6 nd-security updateprotect”

command re-enables ND automatic update function.

Parameter:

None

Default:

ND update normally.

Command Mode:

Global Mode/ Interface configuration

User Guide:

Forbid ND table automatic update, the ND packets conflicting with current ND item (e.g. with same

IP but different MAC or port) will be droped, the others will be received to update aging timer or

create a new item; so, the current ND item keep unchanged and the new item can still be learned.

Example:

Switch(Config-if-Vlan1)#ipv6 nd -security updateprotect

Switch(config)#ipv6 nd -security updateprotect

19.3 ip arp-security learnprotect

Command:

ip arp-security learnprotect

no ip arp-security learnprotect

Function:

Forbid ARP learning function of IPv4 Version, the “no ip arp-security learnprotect” command

re-enables ARP learning function.

Parameter:

None.

Default:

ARP learning enabled.

Command Mode:

Global Mode/ Interface Configuration.

Usage Guide:

This command is for preventing the automatic learning and updating of ARP. Unlike ip arp-security

updateprotect, once this command implemented, there will still be timeout even if the switch keeps

sending Request/Reply messages.

Example:

Switch(Config-if-Vlan1)# ip arp-security learnprotect