Manualshelf

Users Guide

ManualsBrandsDell ManualsAccess PlatformsPowerSwitch N1500 Series
381382383384385386387388389390
Layer 2 Switching Commands 381
Dynamic ARP Inspection
Commands
Dell EMC Networking N1500/N2000/N2100-ON/N2200-ON/N3000-
ON/N3100-ON/N3200-ON Series Switches
Dynamic ARP Inspection (DAI) is a security feature that rejects invalid or
malicious ARP packets. The feature prevents a class of man-in-the-middle
attacks, where an unfriendly station intercepts traffic for other stations by
poisoning the ARP caches of its neighbors. The attacker sends ARP requests
or responses mapping another station IP address to its own MAC address.
DAI drops ARP packets whose sender MAC address and sender IP address do
not match an entry in the DHCP Snooping bindings database.
arp ip access-list
Use the arp access-list command to create an ARP ACL. It will place the user
in ARP ACL Configuration mode. Use the “no” form of this command to
delete an ARP ACL.
Syntax
arp ip access-list acl-name
no arp ip access-list acl-name
acl-name — A valid ARP ACL name (Range: 1–31 characters).
Default Configuration
There are no ARP ACLs created by default.
Command Mode
Global Configuration mode
User Guidelines
There are no user guidelines for this command.