Static arp entry, Configuring a static arp entry, Arp table – H3C Technologies H3C S12500-X Series Switches User Manual
Page 14
3
Static ARP entry
A static ARP entry is manually configured and maintained. It does not age out and cannot be overwritten
by any dynamic ARP entry.
Static ARP entries protect communication between devices because attack packets cannot modify the
IP-to-MAC mapping in a static ARP entry.
Static ARP entries include long, short, and multiport ARP entries.
•
A long static ARP entry comprises the IP address, MAC address, VLAN, and output interface. It is
directly used for forwarding packets.
•
A short static ARP entry comprises only the IP address and MAC address.
{
If the output interface is a Layer 3 Ethernet interface, the short ARP entry can be directly used to
forward packets.
{
If the output interface is a VLAN interface, the device first sends an ARP request whose target IP
address is the IP address of the short entry. If the sender IP and MAC addresses in the received
ARP reply match the IP and MAC addresses of the short static ARP entry, the device adds the
interface that received the ARP reply to the short static ARP entry, and uses the resolved short
static ARP entry to forward IP packets.
•
A multiport ARP entry comprises the IP address, MAC address, and VLAN. If a multiport ARP entry
has the same MAC address and VLAN as a multicast or multiport unicast MAC address entry, the
device can use the multiport ARP entry to send IP packets. A multiport ARP entry is manually
configured. It does not age out and cannot be overwritten by any dynamic ARP entry. For more
information about multicast MAC, see IP Multicast Configuration Guide.
To communicate with a host by using a fixed IP-to-MAC mapping, configure a short static ARP entry on
the device. To communicate with a host by using a fixed IP-to-MAC mapping through a specific interface
in a specific VLAN, configure a long static ARP entry on the device.
Configuring a static ARP entry
A static ARP entry is effective when the device works correctly. If a VLAN or VLAN interface is deleted,
any long static ARP entry in the VLAN is deleted, and any resolved short static ARP entry in the VLAN
becomes unresolved.
A resolved short static ARP entry becomes unresolved upon certain events. For example, it becomes
unresolved when the resolved output interface goes down.
A long static ARP entry is ineffective if the IP address in the entry conflicts with a local IP address, or no
local interface has an IP address in the same subnet as the IP address in the ARP entry. An ineffective long
static ARP entry cannot be used to forward packets.
Follow these guidelines when you configure a static ARP entry:
•
The vlan-id argument must be the ID of an existing VLAN where the ARP entry resides. The specified
Ethernet interface must belong to that VLAN. The VLAN interface of the VLAN must be created.
•
The IP address of the VLAN interface of the VLAN specified by the vlan-id argument must belong to
the same subnet as the IP address specified by the ip-address argument.
To configure a static ARP entry: