Static arp entry configuration example, Network requirements, Configuring the secpath – H3C Technologies H3C SecPath F1000-E User Manual

252

Task Command

Remarks

Display the aging timer for
dynamic ARP entries.

display arp timer aging [ | { begin | exclude
| include } regular-expression ]

Available in any view

Clear ARP entries from the ARP
table.

reset arp { all | dynamic | static | interface
interface-type interface-number }

Available in user view

NOTE:

Clearing ARP entries from the ARP table may cause communication failures.

Static ARP entry configuration example

Network requirements

As shown in

Figure 156

, hosts are connected to the SecPath, which is connected to the router through

interface GigabitEthernet 0/1 in VLAN 10. The IP and MAC addresses of the router are 192.168.1.1/24

and 00e0-fc01-0000 respectively.
To prevent malicious users from attacking the SecPath and enhance security for communications between

the router and the SecPath, configure a static ARP entry for the router on the SecPath.

Figure 161 Network diagram

Configuring the SecPath

# Create VLAN 10.

<SecPath> system-view

[SecPath] vlan 10

[SecPath-vlan10] quit

# Add interface GigabitEthernet 0/1 to VLAN 10.

[SecPath] interface GigabitEthernet 0/1

[SecPath-GigabitEthernet0/1] port link-type trunk

[SecPath-GigabitEthernet0/1] port trunk permit vlan 10

[SecPath-GigabitEthernet0/1] quit

# Create interface VLAN-interface 10 and configure its IP address.

[SecPath] interface vlan-interface 10