Chapter 14 command for arp guard, 1 arp-guard ip, Guard ip – PLANET WGSW-50040 User Manual

Commands for Security Function Chapter 6 Commands for TACACS+

Chapter 14 Command for

ARP GUARD

14.1 arp-guard ip

Command:

arp-guard ip <addr>

no arp-guard ip <addr>

Function:

Add a ARP GUARD address, the no command deletes ARP GUARD address.

Parameters:

<addr> is the protected IP address, in dotted decimal notation.

Default:

There is no ARP GUARD address by default.

Command Mode:

Port configuration mode

Usage Guide:

After configuring the ARP GUARD address, the ARP messages received from the ports configured

ARP GUARD will be filtered. If the source IP addresses of the ARP messagse match the ARP

GUARD address configured on this port, these messages will be judged as ARP cheating

messages, which will be directly dropped instead of sending to the CPU of the switch or forwarding.

16 ARP GUARD addresses can be configured on each port.

Example:

Configure the ARP GUARD address on port ethernet1/1 as 100.1.1.1.

switch(config)#interface ethernet1/1

switch(Config-If-Ethernet 1/1)#arp-guard ip 100.1.1.1

Delete the ARP GUARD address on port ethernet1/1 as 100.1.1.1.

switch(config)#interface ethernet1/1

switch(Config-If-Ethernet 1/1)#no arp-guard ip 100.1.1.1