Command For Arp Guard

6.4 Command for ARP GUARD

6.4.1 arp-guard ip

Command: arp-guard ip <addr>
no arp-guard ip <addr>
Function: Add an ARP GUARD address. The no command deletes the ARP GUARD address.
Parameters:

  • <addr>: protected IP address. The vaid format is dotted decimal notation.

Command mode: Port Configuration Mode
Default: No ARP GUARD address.
Usage guide: After configuring the ARP GUARD address, the ARP messages received from the ports configured with ARP GUARD will be filtered. If the source IP addresses of the ARP messages match the ARP GUARD address configured on this port, these messages will be evaluated as invalid ARP messages. These invalid ARP messages will be dropped instead of being sent to the switch CPU or forwarded. 16 ARP GUARD addresses can be configured on each port.
Example: Configure the ARP GUARD address on port ethernet1/0/1 as 100.1.1.1.

active500EM(config)#interface Ethernet 1/0/1
active500EM(config-If-ethernet1/0/1)#arp-guard ip 100.1.1.1

Delete the ARP GUARD address on port ethernet1/0/1 as 100.1.1.1.

active500EM(config)#interface ethernet 1/0/1
active500EM(config-if-ethernet1/0/1)#no arp-guard ip 100.1.1.1

 


Return to Controller Wired CLI Table of Contents