2-138
Catalyst 3560 Switch Command Reference
78-16405-05
Chapter 2 Catalyst 3560 Switch Cisco IOS Commands
ip arp inspection vlan logging
ip arp inspection vlan logging
Use the ip arp inspection vlan logging global configuration command to control the type of packets that
are logged per VLAN. Use the no form of this command to disable this logging control.
ip arp inspection vlan vlan-range logging {acl-match {matchlog | none} | dhcp-bindings {all |
none | permit}}
no ip arp inspection vlan vlan-range logging {acl-match | dhcp-bindings}
This command is available only if your switch is running the IP services image, formerly known as the
enhanced multilayer image (EMI).
Syntax Description
Defaults All denied or all dropped packets are logged.
Command Modes Global configuration
Command History
vlan-range Specify the VLANs configured for logging.
You can specify a single VLAN identified by VLAN ID number, a range of
VLANs separated by a hyphen, or a series of VLANs separated by a comma.
The range is 1 to 4094.
acl-match {matchlog |
none}
Specify that the logging of packets is based on access control list (ACL)
matches.
The keywords have these meanings:
• matchlog—Log packets based on the logging configuration specified in
the access control entries (ACE). If you specify the matchlog keyword in
this command and the log keyword in the permit or deny ARP access-list
configuration command, Address Resolution Protocol (ARP) packets
permitted or denied by the ACL are logged.
• none—Do not log packets that match ACLs.
dhcp-bindings
{permit | all | none}
Specify the logging of packets is based on Dynamic Host Configuration
Protocol (DHCP) binding matches.
The keywords have these meanings:
• all—Log all packets that match DHCP bindings.
• none—Do not log packets that match DHCP bindings.
• permit—Log DHCP-binding permitted packets.
Release Modification
12.2(20)SE This command was introduced.
To Next Page
Loading...
Need help?
General