Verifying Dynamic ARP protection configuration
To display the current configuration of dynamic ARP protection, including additional validation
checks and the trusted ports that are configured, enter the show arp-protect command:
Example 9 The show arp-protect command
HP Switch(config)# show arp-protect
ARP Protection Information
Enabled Vlans : 1-4094
Validate : dest-mac, src-mac
Port Trust
----- -----
5 Yes
6 Yes
7 No
8 No
9 No
Displaying ARP packet statistics
To display statistics about forwarded ARP packets, dropped ARP packets, MAC validation failure,
and IP validation failures, enter the show arp-protect statistics VLAN-ID-RANGE
command:
Example 10 The show arp-protect statistics command
HP Switch(config)# show arp-protect statistics 1-2
Status and Counters - ARP Protection Counters for VLAN 1
Forwarded pkts : 10 Bad source mac : 2
Bad bindings : 1 Bad destination mac: 1
Malformed pkts : 0 Bad IP address : 0
Status and Counters - ARP Protection Counters for VLAN 2
Forwarded pkts : 1 Bad source mac : 1
Bad bindings : 1 Bad destination mac: 1
Malformed pkts : 1 Bad IP address : 1
Monitoring dynamic ARP protection
With dynamic ARP protection enabled, you can monitor and troubleshoot the validation of ARP
packets with the debug arp-protect command. Use this command to debug the following
conditions:
• The switch drops valid ARP packets that should be allowed.
• The switch allows invalid ARP packets that should be dropped.
Dynamic ARP protection 19
To Next Page
Loading...
Need help?
General
