Figure 3-82, Configuring arp inspection, Configuring the switch 3-140 – LevelOne FGL-2870 User Manual

Configuring the Switch

3-140

3

Web – Click Security, ARP Inspection, Configuration. Enable inspection both
globally and for the required VLANs, select an ARP ACL filter to check for statically
configured addresses, select any required additional validation, adjust the logging
parameters if required, specify any untrusted ports which require ARP inspection,
and adjust the packet inspection rate. Then click Apply.

Figure 3-82 Configuring ARP Inspection

CLI – This example configures various inspection parameters for port 1.

Console(config)#ip arp inspection

4-190

Console(config)#ip arp inspection vlan 1,2

4-191

Console(config)#ip arp inspection filter sales vlan 1 static

4-192

Console(config)#ip arp inspection validate dst-mac

4-193

Console(config)#ip arp inspection log-buffer logs 10 interval 100

4-194

Console(config)#interface ethernet 1/1

4-220

Console(config-if)#no ip arp inspection trust

4-195

Console(config-if)#ip arp inspection limit 50

4-195

Console(config-if)#exit
Console#show ip arp inspection configuration

4-196

ARP inspection global information:

Global IP ARP Inspection status : enabled
Log Message Interval : 100 s
Log Message Number : 10
Need Additional Validation(s) : Yes
Additional Validation Type : Destination MAC address
Console#show ip arp inspection interface ethernet 1/1

4-196

Port Number Trust Status Limit Rate (pps)
------------- -------------------- ------------------------------
Eth 1/1 untrusted 50
Console#