3com S7906E 설치 설명서

 

1-7 

Enter system view 

system-view 

— 

Enter VLAN view 

vlan vlan-id 

— 

Enable ARP detection for 
the VLAN 

arp detection enable 

Required 

Disabled by default. That is, ARP 
detection based on static IP Source 
Guard binding entries/DHCP snooping 
entries/802.1X security entries/OUI MAC 
addresses is not enabled by default. 

Return to system view 

— 

Enter Ethernet interface 
view 

interface interface-type 
interface-number 

— 

Configure the port as a 
trusted port on which ARP 
detection does not apply 

Optional 

The port is an untrusted port by default. 

 

z 

When configuring this feature, you need to configure ARP detection based on at least static IP 

Source Guard binding entries, DHCP snooping entries, or 802.1X security entries. Otherwise, all 

ARP packets received from an ARP untrusted port will be discarded, except the ARP packets with 

an OUI MAC address as the sender MAC address when voice VLAN is enabled. 

z 

When configuring an IP Source Guard binding entry, you need to specify the VLAN; otherwise, no 

ARP packet will pass the ARP detection based on static IP Source Guard binding entries. 

 

Display the VLANs enabled 
with ARP detection 

display arp detection 

Available in any view 

Display the ARP detection 
statistics 

display arp detection statistics [ interface 
interface-type interface-number ] 

Available in any view 

Clear the ARP detection 
statistics  

reset arp detection statistics [ interface 
interface-type interface-number ] 

Available in user view

 

As shown in 

, configure Switch A as a DHCP server and enable DHCP snooping on Switch B. 

Configure Host A as a DHCP client. Configure Host B whose IP address is 10.1.1.6 and MAC address 

is 0001-0203-0607. Enable ARP detection for VLAN 10 to allow only packets from valid clients or hosts 

to pass.