Dynamic arp entry, Static arp entry, Configuring a static arp entry – H3C Technologies H3C S12500 Series Switches User Manual
Page 17
3
An ARP table contains dynamic and static ARP entries.
Dynamic ARP entry
A dynamic entry is automatically created and maintained by ARP. It can age out, be updated by a new
ARP packet, or be overwritten by a static ARP entry. A dynamic ARP entry is removed when its age timer
expires or the interface goes down.
Static ARP entry
A static ARP entry is manually configured and maintained. It does not age out and cannot be overwritten
by any dynamic ARP entry.
Static ARP entries protect communication between devices, because attack packets cannot modify the
IP-to-MAC mapping in a static ARP entry.
Static ARP entries can be classified into long, short, and multiport ARP entries.
•
A long static ARP entry can be directly used to forward packets. When configuring a long static
ARP entry, you must configure a VLAN and outbound interface for the entry in addition to the IP
address and MAC address.
•
A short static ARP entry has only an IP address and a MAC address configured. It cannot be directly
used for forwarding data if the outbound interface is a VLAN interface. If a short static ARP entry
matches an IP packet to be forwarded, the switch sends an ARP request first. If the source IP and
MAC addresses in the received ARP reply are the same as the IP and MAC addresses of the short
static ARP entry, the switch adds the interface receiving the ARP reply into the short static ARP entry.
Then the entry can be used for forwarding IP packets.
•
A multiport ARP entry is generated when the MAC address in a short static ARP entry is the same
as that in a multicast or multiport unicast MAC address entry. A device can use the multiport ARP
entry to send IP packets throughout multiple ports.
NOTE:
•
Usually ARP dynamically resolves IP addresses to MAC addresses, without manual intervention.
•
To allow communication with a host by using a fixed IP-to-MAC mapping, configure a short static ARP
entry for it. To allow communication with a host through a specific interface in a specific VLAN by using
a fixed IP-to-MAC mapping, configure a long static ARP entry for it.
Configuring a static ARP entry
A static ARP entry is effective when the switch works correctly. However, when a VLAN or VLAN interface
is deleted, any static ARP entry corresponding to it will also be deleted (if it is a long static ARP entry) or
will become unresolved (if it is a short and resolved static ARP entry).
When you configure a static ARP entry, follow these guidelines:
•
The vlan-id argument must be the ID of an existing VLAN where the ARP entry resides. The specified
Ethernet interface must belong to that VLAN. The VLAN interface of the VLAN must be created.
•
The IP address of the VLAN interface of the VLAN specified by the vlan-id argument must belong to
the same subnet as the IP address specified by the ip-address argument.
To configure a static ARP entry: