Ip arp inspection vlan – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual
Page 283
Brocade 6910 Ethernet Access Switch Configuration Guide
233
53-1002581-01
ARP Inspection
10
Default Setting
No additional validation is performed
Command Mode
Global Configuration
Command Usage
By default, ARP Inspection only checks the IP-to-MAC address bindings specified in an ARP ACL or
in the DHCP Snooping database.
Example
Console(config)#ip arp inspection validate dst-mac
Console(config)#
ip arp inspection vlan
This command enables ARP Inspection for a specified VLAN or range of VLANs. Use the no form to
disable this function.
Syntax
[no] ip arp inspection vlan {vlan-id | vlan-range}
vlan-id - VLAN ID. (Range: 1-4093)
vlan-range - A consecutive range of VLANs indicated by the use a hyphen, or a random
group of VLANs with each entry separated by a comma.
Default Setting
Disabled on all VLANs
Command Mode
Global Configuration
Command Usage
•
When ARP Inspection is enabled globally with the
command, it becomes
active only on those VLANs where it has been enabled with this command.
•
When ARP Inspection is enabled globally and enabled on selected VLANs, all ARP request and
reply packets on those VLANs are redirected to the CPU and their switching is handled by the
ARP Inspection engine.
•
When ARP Inspection is disabled globally, it becomes inactive for all VLANs, including those
where ARP Inspection is enabled.
•
When ARP Inspection is disabled, all ARP request and reply packets bypass the ARP Inspection
engine and their manner of switching matches that of all other packets.
•
Disabling and then re-enabling global ARP Inspection will not affect the ARP Inspection
configuration for any VLANs.
•
When ARP Inspection is disabled globally, it is still possible to configure ARP Inspection for
individual VLANs. These configuration changes will only become active after ARP Inspection is
globally enabled again.