To do…

 

Use the command…

 

Remarks

 

 

 

Quit to system view

 

quit

 

 

 

 

 

 

 

 

 

 

 

 

Enter VLAN view

 

vlan vlan-id

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

Optional

 

 

 

Enable ARP restricted

 

arp restricted-forwarding

 

By default, the ARP restricted

 

 

 

 

 

forwarding function is disabled.

 

 

 

forwarding

 

enable

 

 

 

 

 

 

The device forwards legal ARP

 

 

 

 

 

 

 

 

 

 

 

 

 

 

packets through all its ports.

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

 

z

z z

z

You need to enable DHCP snooping and configure DHCP snooping trusted ports on the device before configuring the ARP attack detection function. For more information about DHCP snooping, refer to the DHCP snooping section in the part discussing DHCP in this manual.

Generally, the uplink port of a device is configured as a trusted port.

Before enabling ARP restricted forwarding, make sure you enable ARP attack detection and configure ARP trusted ports.

You are not recommended to configure ARP attack detection on the ports of an aggregation group.

Configuring Gratuitous ARP

Follow these steps to configure the gratuitous ARP:

 

To do…

Use the command…

Remarks

 

 

Enter system view

system-view

 

 

 

 

 

 

 

 

 

Optional

 

 

Enable the gratuitous ARP

gratuitous-arp-learning

By default, the gratuitous ARP

 

 

packet learning function

enable

packet learning function is

 

 

 

 

enabled.

 

 

 

 

 

 

The sending of gratuitous ARP packets is enabled as long as a device operates. No command is needed for enabling this function. That is, the device sends gratuitous ARP packets whenever a VLAN interface is enabled (such as when a link is enabled or an IP address is configured for the VLAN interface) or whenever the IP address of a VLAN interface is changed.

1-7

Page 422
Image 422
3Com WX3000 operation manual Configuring Gratuitous ARP, Arp restricted-forwarding, Gratuitous-arp-learning