1 show commands, 1 show ip arp inspection statistics, 2 show ip arp inspection – Fortinet 548B User Manual

- 354 -

7.20.1

Show Commands

7.20.1.1 show ip arp inspection statistics

This command displays the statistics of the ARP packets processed by Dynamic ARP Inspection. Give
the vlan-list argument and the command displays the statistics on all DAI-enabled VLANs in that list.
Give the single vlan argument and the command displays the statistics on that VLAN. If no argument is
included, the command lists a summary of the forwarded and dropped ARP packets.

Syntax

show ip arp inspection statistics [vlan <vlan-list>]

Default Setting

None

Command Mode

Privileged Exec

Display Message

VLAN: The VLAN ID for each displayed row.

Forwarded: The total number of valid ARP packets forwarded in this VLAN.

Dropped: The total number of not valid ARP packets dropped in this VLAN.

DHCP Drops: The number of packets dropped due to DHCP snooping binding database match
failure.

ACL Drops: The number of packets dropped due to ARP ACL rule match failure.

DHCP Permits: The number of packets permitted due to DHCP snooping binding database match.

ACL Permits: The number of packets permitted due to ARP ACL rule match.

Bad Src MAC: The number of packets dropped due to Source MAC validation failure.

Bad Dest MAC: The number of packets dropped due to Destination MAC validation failure.

Invalid IP: The number of packets dropped due to invalid IP checks.

7.20.1.2 show ip arp inspection

This command displays the Dynamic ARP Inspection global configuration and configuration on all the
VLANs. With the vlan-list argument (i.e. comma separated VLAN ranges), the command displays the
global configuration and configuration on all the VLANs in the given VLAN list. The global configuration
includes the source mac validation, destination mac validation and invalid IP validation information.

Syntax

show ip arp inspection [vlan <vlan-list>]

Default Setting

None