Configuring vlan settings for arp inspection, Figure 212 confi – Brocade Communications Systems Brocate Ethernet Access Switch 6910 User Manual
Page 929
Brocade 6910 Ethernet Access Switch Configuration Guide
879
53-1002581-01
ARP Inspection
41
3. Enable ARP inspection globally, enable any of the address validation options, and adjust any of
the logging parameters if required.
4. Click Apply.
FIGURE 212
Configuring Global Settings for ARP Inspection
Configuring VLAN Settings for ARP Inspection
Use the Security > ARP Inspection (Configure VLAN) page to enable ARP inspection for any VLAN
and to specify the ARP ACL to use.
CLI References
•
Command Usage
ARP Inspection VLAN Filters (ACLs)
•
By default, no ARP Inspection ACLs are configured and the feature is disabled.
•
ARP Inspection ACLs are configured within the ARP ACL configuration page (see
•
ARP Inspection ACLs can be applied to any configured VLAN.
•
ARP Inspection uses the DHCP snooping bindings database for the list of valid IP-to-MAC
address bindings. ARP ACLs take precedence over entries in the DHCP snooping bindings
database. The switch first compares ARP packets to any specified ARP ACLs.
•
If Static is specified, ARP packets are only validated against the selected ACL – packets are
filtered according to any matching rules, packets not matching any rules are dropped, and the
DHCP snooping bindings database check is bypassed.
•
If Static is not specified, ARP packets are first validated against the selected ACL; if no ACL
rules match the packets, then the DHCP snooping bindings database determines their validity.
Parameters
These parameters are displayed:
•
ARP Inspection VLAN ID – Selects any configured VLAN. (Default: 1)
•
ARP Inspection VLAN Status – Enables ARP Inspection for the selected VLAN. (Default:
Disabled)
•
ARP Inspection ACL Name