EasyManuals Logo
Home>Cisco>Switch>IE-3000-8TC

Cisco IE-3000-8TC User Manual

Cisco IE-3000-8TC
874 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #485 background imageLoading...
Page #485 background image
24-5
Cisco IE 3000 Switch Software Configuration Guide
OL-13018-03
Chapter 24 Configuring Dynamic ARP Inspection
Configuring Dynamic ARP Inspection
You use the ip arp inspection log-buffer global configuration command to configure the number of
entries in the buffer and the number of entries needed in the specified interval to generate system
messages. You specify the type of packets that are logged by using the ip arp inspection vlan logging
global configuration command. For configuration information, see the
“Configuring the Log Buffer”
section on page 24-13.
Configuring Dynamic ARP Inspection
These sections contain this configuration information:
Default Dynamic ARP Inspection Configuration, page 24-5
Dynamic ARP Inspection Configuration Guidelines, page 24-6
Configuring Dynamic ARP Inspection in DHCP Environments, page 24-7 (required in DHCP
environments)
Configuring ARP ACLs for Non-DHCP Environments, page 24-8 (required in non-DHCP
environments)
Limiting the Rate of Incoming ARP Packets, page 24-10 (optional)
Performing Validation Checks, page 24-12 (optional)
Configuring the Log Buffer, page 24-13 (optional)
Default Dynamic ARP Inspection Configuration
Table 24-1 shows the default dynamic ARP inspection configuration.
Ta b l e 24-1 Default Dynamic ARP Inspection Configuration
Feature Default Setting
Dynamic ARP inspection Disabled on all VLANs.
Interface trust state All interfaces are untrusted.
Rate limit of incoming ARP packets The rate is 15 pps on untrusted interfaces, assuming that
the network is a switched network with a host
connecting to as many as 15 new hosts per second.
The rate is unlimited on all trusted interfaces.
The burst interval is 1 second.
ARP ACLs for non-DHCP environments No ARP ACLs are defined.
Validation checks No checks are performed.
Log buffer When dynamic ARP inspection is enabled, all denied or
dropped ARP packets are logged.
The number of entries in the log is 32.
The number of system messages is limited to 5 per
second.
The logging-rate interval is 1 second.
Per-VLAN logging All denied or dropped ARP packets are logged.

Table of Contents

Other manuals for Cisco IE-3000-8TC

Preview: Hardware Installation Guide
Hardware Installation Guide170 pages
Preview: Administration Guide
Administration Guide496 pages
Preview: Message Guide
Message Guide98 pages

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the Cisco IE-3000-8TC and is the answer not in the manual?

Cisco IE-3000-8TC Specifications

General IconGeneral
BrandCisco
ModelIE-3000-8TC
CategorySwitch
LanguageEnglish

Related product manuals