F3726, F3211, F3174, R5135, R3816-HP Firewalls and UTM Devices Attack Protection Command Reference-6PW100

Suppose that the number of dynamic ARP entries is D and that of the existing static ARP entries is S.
When the dynamic ARP entries are changed into static, new dynamic ARP entries may be created
(suppose the number is M) and some of the dynamic ARP entries may be aged out (suppose the number
is N). After the process is complete, the number of static ARP entries is D + S + M - N.
To delete a specific static ARP entry changed from a dynamic one, use the undo arp ip-address
[ vpn-instance-name ] command. To delete all such static ARP entries, use the reset arp all or reset arp
static command.
Examples
# Enable Fixed ARP.
<Sysname> system-view
[Sysname] arp fixup
arp scan
Use arp scan to enable ARP automatic scanning in the specified address range for neighbors.
Syntax
arp scan [ start-ip-address to end-ip-address ]
Views
Layer 3 Ethernet interface view, Layer 3 Ethernet subinterface view, VLAN interface view, Layer 3
aggregate interface view, Layer 3 aggregate sub-interface view
Default command level
2: System level
Parameters
start-ip-address: Start IP address of the scanning range.
end-ip-address: End IP address of the scanning range. The end IP address must be higher than or equal
to the start IP address.
Usage guidelines
If the start IP and end IP addresses are specified, the device scans the specific address range for
neighbors and learns their ARP entries, so that the scanning time is reduced. If the specified address
range contains multiple network segments, the sender IP address in the ARP request is the interface
address on the smallest network segment.
If no address range is specified, the device only scans the network where the primary IP address of the
interface resides for neighbors. The sender IP address in the ARP requests is the primary IP address of the
interface.
The start IP address and end IP address must be on the same network as the primary IP address or
manually configured secondary IP addresses of the interface.
IP addresses that already exist in ARP entries are not scanned.
ARP automatic scanning may take some time. To stop an ongoing scan, press Ctrl + C. Dynamic ARP
entries are created based on ARP replies received before the scan is terminated.
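The range rules above can be checked offline before the command is entered on the device. The following is an added example, not part of the HP manual: the function name plan_arp_scan and the sample addresses are constructed, and skipping the interface's own addresses and the network and broadcast addresses is an assumption of this sketch.

```python
import ipaddress

def _is_host(ip, ifaces):
    # True if ip is a usable host address on one of the interface's networks.
    return any(ip in i.network and ip != i.network.network_address
               and ip != i.network.broadcast_address for i in ifaces)

def plan_arp_scan(primary, secondaries=(), start=None, end=None, known=()):
    """Return the addresses an `arp scan` is expected to probe, or raise ValueError.

    primary / secondaries: interface addresses in CIDR form, e.g. "10.1.1.1/24".
    known: IP addresses that already have ARP entries (these are not scanned).
    """
    ifaces = [ipaddress.IPv4Interface(a) for a in (primary, *secondaries)]
    known_ips = {ipaddress.IPv4Address(k) for k in known}
    own_ips = {i.ip for i in ifaces}  # assumption: the device does not probe itself

    if start is None and end is None:
        # No range given: only the network of the primary address is scanned.
        candidates = ifaces[0].network.hosts()
    elif start is None or end is None:
        raise ValueError("start and end must be given together")
    else:
        lo, hi = ipaddress.IPv4Address(start), ipaddress.IPv4Address(end)
        if hi < lo:
            raise ValueError("end IP address must be higher than or equal to start")
        for ip in (lo, hi):
            # Both endpoints must sit on the primary or a secondary network.
            if not any(ip in i.network for i in ifaces):
                raise ValueError(f"{ip} is not on a network of this interface")
        span = (ipaddress.IPv4Address(n) for n in range(int(lo), int(hi) + 1))
        candidates = (ip for ip in span if _is_host(ip, ifaces))

    return [ip for ip in candidates if ip not in known_ips and ip not in own_ips]

if __name__ == "__main__":
    # Constructed sample: primary 10.1.1.1/24, secondary 10.1.2.1/24.
    for ip in plan_arp_scan("10.1.1.1/24", ["10.1.2.1/24"],
                            start="10.1.1.250", end="10.1.2.3",
                            known=["10.1.1.252"]):
        print(ip)
```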
Examples
# Configure the device to scan the network where the primary IP address of GigabitEthernet 0/1 resides
for neighbors.
<Sysname> system-view