Ip arp inspection limit – Microsens MS453490M Management Guide User Manual
Page 678
C
HAPTER
25
| General Security Measures
ARP Inspection
– 678 –
D
EFAULT
S
ETTING
Disabled on all VLANs
C
OMMAND
M
ODE
Global Configuration
C
OMMAND
U
SAGE
◆
When ARP Inspection is enabled globally with the
command, it becomes active only on those VLANs where it has been
enabled with this command.
◆
When ARP Inspection is enabled globally and enabled on selected
VLANs, all ARP request and reply packets on those VLANs are
redirected to the CPU and their switching is handled by the ARP
Inspection engine.
◆
When ARP Inspection is disabled globally, it becomes inactive for all
VLANs, including those where ARP Inspection is enabled.
◆
When ARP Inspection is disabled, all ARP request and reply packets
bypass the ARP Inspection engine and their manner of switching
matches that of all other packets.
◆
Disabling and then re-enabling global ARP Inspection will not affect the
ARP Inspection configuration for any VLANs.
◆
When ARP Inspection is disabled globally, it is still possible to configure
ARP Inspection for individual VLANs. These configuration changes will
only become active after ARP Inspection is globally enabled again.
E
XAMPLE
Console(config)#ip arp inspection vlan 1,2
Console(config)#
ip arp inspection
limit
This command sets a rate limit for the ARP packets received on a port. Use
the no form to restore the default setting.
S
YNTAX
ip arp inspection limit {rate pps | none}
no ip arp inspection limit
pps - The maximum number of ARP packets that can be processed
by the CPU per second. (Range: 0-2048, where 0 means that no
ARP packets can be forwarded)
none - There is no limit on the number of ARP packets that can be
processed by the CPU.
D
EFAULT
S
ETTING
15