Owners manual
DGS-1510 Series Gigabit Ethernet SmartPro Switch CLI Reference Guide
233
no ip arp inspection vlan VLAN-ID [, | -]
Parameters
vlan VLAN-ID
Specifies the VLAN to enable or disable the ARP inspection function.
,
(Optional) Specifies a series of interfaces, or separate a range of
interfaces from a previous range. No space is allowed before and after
the comma.
-
(Optional) Specifies a range of interfaces. No space is allowed before
and after the hyphen.
Default
By default, ARP inspection is disabled on all VLANs.
Command Mode
Global Configuration Mode.
Command Default Level
Level: 12.
Usage Guideline
When a VLAN is enabled for ARP inspection, the ARP packets, including both the ARP request and
response packet belonging to the VLAN arriving at the untrusted interface will be validated. If the IP-to-
MAC address binding pair of the source MAC address and the source IP address is not permitted by the
ARP ACL or the DHCP snooping binding database, the ARP packet will be dropped. In addition to the
address binding check, the additional check defined by the IP ARP inspection validate command will also
be checked.
Example
This example shows how to enable ARP inspection on VLAN 2.
Switch# configure terminal
Switch(config)# ip arp inspection vlan 2
Switch(config)#
25-10 ip arp inspection vlan logging
This command is used to control the type of packets that are logged. Use the no form of the command to
revert the setting to default.
ip arp inspection vlan VLAN-ID [, | -] logging {acl-match {permit | all | none} | dhcp-bindings
{permit | all | none}}
no ip arp inspection vlan VLAN-ID [, | -] logging {acl-match | dhcp-bindings}
Parameters
vlan VLAN-ID
Specifies the VLAN to enable or disable the logging control function.
,
(Optional) Specifies a series of interfaces, or separate a range of
interfaces from a previous range. No space is allowed before and after
the comma.