Netgear M4100-50G Manuel D’Utilisation

The following shows sample CLI display output for the command.

(switch) #show ip source binding

MAC Address        IP Address       Type           Vlan     Interface

-----------------  ---------------  -------------  -----  -------------

00:00:00:00:00:08  1.2.3.4          dhcp-snooping     2        0/1

00:00:00:00:00:09  1.2.3.4          dhcp-snooping     3        0/1

00:00:00:00:00:0A  1.2.3.4          dhcp-snooping     4        0/1

Dynamic ARP Inspection Commands

Dynamic ARP Inspection (DAI) is a security feature that rejects invalid and malicious ARP 
packets. DAI prevents a class of man-in-the-middle attacks, where an unfriendly station 
intercepts traffic for other stations by poisoning the ARP caches of its unsuspecting 
neighbors. The miscreant sends ARP requests or responses mapping another station’s IP 
address to its own MAC address.

DAI relies on DHCP snooping. DHCP snooping listens to DHCP message exchanges and 
builds a binding database of valid {MAC address, IP address, VLAN, and interface} tuples.

When DAI is enabled, the switch drops ARP packets whose sender MAC address and 
sender IP address do not match an entry in the DHCP snooping bindings database. You can 
optionally configure additional ARP packet validation.

Use this command to enable Dynamic ARP Inspection on a list of comma-separated VLAN 
ranges.

disabled

ip arp inspection vlan vlan-list

Use this command to disable Dynamic ARP Inspection on a list of comma-separated VLAN 
ranges.

no ip arp inspection vlan vlan-list

VLAN for the entry.

IP address of the interface in slot/port format.

Global Config

Global Config