Cisco Systems 3130 User Manual
22-12
Cisco Catalyst Blade Switch 3130 for Dell Software Configuration Guide
OL-13270-01
Chapter 22 Configuring Dynamic ARP Inspection
Configuring Dynamic ARP Inspection
To return to the default rate-limit configuration, use the no ip arp inspection limit interface
configuration command. To disable error recovery for dynamic ARP inspection, use the no errdisable
recovery cause arp-inspection global configuration command.
configuration command. To disable error recovery for dynamic ARP inspection, use the no errdisable
recovery cause arp-inspection global configuration command.
Performing Validation Checks
Dynamic ARP inspection intercepts, logs, and discards ARP packets with invalid IP-to-MAC address
bindings. You can configure the switch to perform additional checks on the destination MAC address,
the sender and target IP addresses, and the source MAC address.
bindings. You can configure the switch to perform additional checks on the destination MAC address,
the sender and target IP addresses, and the source MAC address.
Step 4
exit
Return to global configuration mode.
Step 5
errdisable detect cause arp-inspection
and
errdisable recovery cause
arp-inspection
arp-inspection
and
errdisable recovery interval interval
(Optional) Enable error recovery from the dynamic ARP inspection
error-disabled state, and configure the dynamic ARP inspection recover
mechanism variables
error-disabled state, and configure the dynamic ARP inspection recover
mechanism variables
By default, recovery is disabled, and the recovery interval is 300
seconds.
seconds.
For interval interval, specify the time in seconds to recover from the
error-disabled state. The range is 30 to 86400.
error-disabled state. The range is 30 to 86400.
Step 6
exit
Return to privileged EXEC mode.
Step 7
show ip arp inspection interfaces
show errdisable recovery
Verify your settings.
Step 8
copy running-config startup-config
(Optional) Save your entries in the configuration file.
Command
Purpose