Ip arp inspection filter, Ip arp inspection log-buffer logs – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual

Page 281

Advertising
background image

Brocade 6910 Ethernet Access Switch Configuration Guide

231

53-1002581-01

ARP Inspection

10

ip arp inspection filter

This command specifies an ARP ACL to apply to one or more VLANs. Use the no form to remove an
ACL binding.

Syntax

ip arp inspection filter arp-acl-name vlan {vlan-id | vlan-range} [static]

arp-acl-name - Name of an ARP ACL. (Maximum length: 16 characters)

vlan-id - VLAN ID. (Range: 1-4093)

vlan-range - A consecutive range of VLANs indicated by the use a hyphen, or a random
group of VLANs with each entry separated by a comma.

static - ARP packets are only validated against the specified ACL, address bindings in the
DHCP snooping database is not checked.

Default Setting

ARP ACLs are not bound to any VLAN
Static mode is not enabled

Command Mode

Global Configuration

Command Usage

ARP ACLs are configured with the commands described on

page 871

.

If static mode is enabled, the switch compares ARP packets to the specified ARP ACLs. Packets
matching an IP-to-MAC address binding in a permit or deny rule are processed accordingly.
Packets not matching any of the ACL rules are dropped. Address bindings in the DHCP
snooping database are not checked.

If static mode is not enabled, packets are first validated against the specified ARP ACL.
Packets matching a deny rule are dropped. All remaining packets are validated against the
address bindings in the DHCP snooping database.

Example

Console(config)#ip arp inspection filter sales vlan 1

Console(config)#

ip arp inspection log-buffer logs

This command sets the maximum number of entries saved in a log message, and the rate at which
these messages are sent. Use the no form to restore the default settings.

Syntax

ip arp inspection log-buffer logs message-number interval seconds

no ip arp inspection log-buffer logs

message-number - The maximum number of entries saved in a log message.
(Range: 0-256, where 0 means no events are saved)

seconds - The interval at which log messages are sent. (Range: 0-86400)

Advertising
Popular Brands
Popular manuals