Concept Guide
Conguring dynamic ARP inspection-limit
To congure dynamic ARP inspection rate limit on a port, perform the following task.
1 Enter into global conguration mode.
EXEC Privilege mode
configure terminal
2 Select the interface to be congured.
CONFIGURATION mode
interface interface-name
3 Congure ARP packet inspection rate limiting.
INTERFACE CONFIGURATION mode
arp inspection-limit {rate pps [interval seconds]}
The rate packet per second (pps) range is from 1 to 2048. The default is 15.
The rate burst interval range is from 1 to 15 seconds. The default is 1.
Examples of viewing the ARP inspection-limit information
DellEMC# show running-config interface tengigabitethernet 1/10
interface TenGigabitEthernet 1/10
no ip address
switchport
arp inspection-limit rate 15 interval 1
no shutdown
DellEMC#
Bypassing the ARP Inspection
You can congure a port to skip ARP inspection by dening the interface as trusted, which is useful in multi-switch environments.
ARPs received on trusted ports bypass validation against the binding table. All ports are untrusted by default.
To bypass the ARP inspection, use the following command.
• Specify an interface as trusted so that ARPs are not validated against the binding table.
INTERFACE mode
arp inspection-trust
Dynamic ARP inspection is supported on Layer 2 and Layer 3.
342
Dynamic Host Conguration Protocol (DHCP)