Configuring gratuitous arp – H3C Technologies H3C WX3000 Series Unified Switches User Manual

39-7

To do…

Use the command…

Remarks

Quit to system view

quit

—

Enter VLAN view

vlan vlan-id

—

Enable ARP restricted forwarding

arp restricted-forwarding enable

Optional
By default, the ARP restricted
forwarding function is disabled.
The device forwards legal ARP
packets through all its ports.

z

You need to enable DHCP snooping and configure DHCP snooping trusted ports on the device
before configuring the ARP attack detection function. For more information about DHCP snooping,
refer to the DHCP snooping section in DHCP in H3C WX3000 Series Unified Switches Switching

Engine Configuration Guide.

z

Generally, the uplink port of a device is configured as a trusted port.

z

Before enabling ARP restricted forwarding, make sure you enable ARP attack detection and
configure ARP trusted ports.

z

You are not recommended to configure ARP attack detection on the ports of an aggregation group.

Configuring Gratuitous ARP

Follow these steps to configure the gratuitous ARP:

To do…

Use the command…

Remarks

Enter system view

system-view

—

Enable the gratuitous ARP packet
learning function

gratuitous-arp-learning
enable

Optional
By default, the gratuitous ARP packet
learning function is enabled.

The sending of gratuitous ARP packets is enabled as long as a device operates. No command is
needed for enabling this function. That is, the device sends gratuitous ARP packets whenever a VLAN
interface is enabled (such as when a link is enabled or an IP address is configured for the VLAN
interface) or whenever the IP address of a VLAN interface is changed.