8 show ip arp inspection – CANOGA PERKINS 9175 Command Reference User Manual

Page 622

Advertising
background image

CanogaOS Command Reference

34-7

All denied or dropped packets are logged.


Command Mode

Global configuration


Usage

The acl-match and dhcp-bindings keywords merge with each other. When you set an ACL match

configuration, the DHCP bindings configuration is not disabled. You can use the no form of this

command to reset some of the logging criteria to their defaults. If you do not specify either option, all the

logging types are reset to log on when the ARP packets are denied. The two options that are available to

you are as follows:
„ acl-match—Logging on ACL matches is reset to log on deny
„ dhcp-bindings—Logging on DHCP binding compared is reset to log on deny


Examples

This example shows how to configure an ARP inspection on VLAN 1 to add packets to a log on matching

against the ACLs with the logging keyword:

Switch# config terminal

Enter configuration commands, one per line. End with CNTL/Z.

Switch(config)# ip arp inspection vlan 1 logging acl-match matchlog


Related Commands

arp access-list

show ip arp inspection

34.8 show ip arp inspection

To show the status of dynamic ARP inspection for a specific range of VLANs, use the show ip arp

inspection command in privileged EXEC mode.


Command Syntax

show ip arp inspection {[statistics] vlan vlan-range | interfaces [interface-name]}

statistics

(Optional) Displays statistics for the following types of

packets that have been processed by this feature: forwarded,

dropped, MAC validation failure, and IP validation failure.

vlan vlan-range

(Optional) When used with the statistics keyword, displays

the statistics for the selected range of VLANs. Without the

statistics keyword, displays the configuration and operating

state of DAI for the selected range of VLANs.

interfaces interface-name

(Optional) Displays the trust state and the rate limit of ARP

packets for the provided interface. When the interface name

is not specified, the command displays the trust state and

rate limit for all applicable interfaces in the system.

Advertising
Popular Brands
Popular manuals