Manualshelf

HP MSR2000/3000/4000 Router Series Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router
411412413414415416417418419420
401
Views
System view
Predefined user roles
network-admin
Usage guidelines
Configure this feature on gateways.
After you execute this command, the gateway device can filter out ARP packets whose source MAC
address in the Ethernet header is different from the sender MAC address in the message body.
Examples
# Enable ARP packet source MAC address consistency check.
<Sysname> system-view
[Sysname] arp valid-check enable
ARP active acknowledgement commands
arp active-ack enable
Use arp active-ack enable to enable the ARP active acknowledgement function.
Use undo arp active-ack enable to restore the default.
Syntax
arp active-ack [ strict ] enable
undo arp active-ack [ strict ] enable
Default
The ARP active acknowledgement function is disabled.
Views
System view
Predefined user roles
network-admin
Parameters
Strict: Enables strict mode for ARP active acknowledgement.
Usage guidelines
Configure this feature on gateways to prevent user spoofing.
In strict mode, a gateway can learn an entry only when ARP active acknowledgement is successful based
on the correct ARP resolution.
Examples
# Enable the ARP active acknowledgement function.
<Sysname> system-view
[Sysname] arp active-ack enable