R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution

501

502

503

504

505

506

507

508

509

510

492

Default command level

2: System level

Parameters

start-ip-address: Specifies the start IP address of the scanning range.

end-ip-address: Specifies the end IP address of the scanning range. The end IP address must be higher

than or equal to the start IP address.

Usage guidelines

If the start IP and end IP addresses are specified, the device scans the specific address range for

neighbors and learns their ARP entries, so that the scanning time is reduced. If the specified address

range contains multiple network segments, the sender IP address in the ARP request is the interface

address on the smallest network segment.

If no address range is specified, the device only scans the network where the primary IP address of the

interface resides for neighbors. The sender IP address in the ARP requests is the primary IP address of the

interface.

The start IP address and end IP address must be on the same network as the primary IP address or

manually configured secondary IP addresses of the interface.

IP addresses already exist in ARP entries are not scanned.

ARP automatic scanning might take some time. To stop an ongoing scan, press Ctrl + C. Dynamic ARP

entries are created based on ARP replies received before the scan is terminated.

Examples

# Configure the device to scan the network where the primary IP address of GigabitEthernet 3/0/1

resides for neighbors.

<Sysname> system-view

[Sysname] interface gigabitethernet 3/0/1

[Sysname-GigabitEthernet3/0/1] arp scan

# Configure the device to scan the specific address range for neighbors.

<Sysname> system-view

[Sysname] interface gigabitethernet 3/0/1

[Sysname-GigabitEthernet3/0/1] arp scan 1.1.1.1 to 1.1.1.20

ARP gateway protection configuration commands

NOTE:

The commands of this feature are supported only when SAP modules operate in bridge mode.

arp filter source

Use arp filter source to enable ARP gateway protection for a specific gateway.

Use undo arp filter source to disable ARP gateway protection for the specified gateway.

Syntax

arp filter source ip-address