3Com Switch 7750 Configuration Guide Guide

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve 8116fl Redundant Switch Fabric Module

541

542

543

544

545

546

547

548

549

550

550 CHAPTER 52: ARP CONFIGURATION

load and network traffic. To solve this problem, the device allows you to configure

the gratuitous ARP update interval.

Introduction to ARP

Proxy

ARP proxy: A host in a network sends an ARP request to an isolated port in the

same network or to a host in another network. Devices enabled with the ARP

proxy function forward the ARP request, so as to realize the Layer 3 connectivity

among the Lay 2 isolated ports.

In order to realize Lay 3 connectivity among ports in one of the following

conditions, you need to enable the ARP proxy function (Proxy ARP).

■ Super VLAN function is enabled on the Switch 7750 Family.

■ The isolate-user-vlan function is enabled on Layer 2 switches connecting with

the Switch 7750 Family.

■ After ARP proxy is enabled, ports in the same VLAN are interconnected by

default, so that the ARP proxy only processes the ARP requests from different

VLANs and does not deal with the ARP requests from the same VLAN.

■ When isolate-user-vlan function is enabled on the Layer 2 switches connected

with the Switch 7750 Family, ports in the same VLAN cannot communicate

with each other. To realize Layer 3 connectivity among Layer 2 isolated ports in

the same VLAN, you need to enable the VLAN ARP proxy function on the

Switch 7750 Family to make the ARP proxy process the ARP request from the

same VLAN.

Introduction to ARP

Source Suppression

ARP source suppression function is that a switch classifies the received ARP

packets first, and then limits the maximum number of ARP packets with the same

type that can be sent to the CPU at a time to protect CPU from being attacked by

the illegal ARP packets generated when the host scans ARP in the whole network.

The Switch 7750 Family classifies the received ARP packets to the following types:

■ Arbitrary ARP packets, whose source IP address and destination IP address are

not distinguished.

■ ARP pass-by packets with the same source IP address. (their destination IP

addresses are not the IP address of the current switch )

■ ARP packets that with the same source IP address and their destination

addresses are the IP address of the current switch.

According to these types, you can set the maximum number of ARP packets of

each type that can be sent to the CPU at a time on the switch. When the number

of ARP packets received at a time exceeds the corresponding setting, the switch

will regard the exceeding part of ARP packets as illegal ARP packets and discard

them.

ARP Configuration ARP entries in the Switch 7750 Family can either be static entries or dynamic

entries, as described in

Table 418.