Siemens S223, S323 ARP Alias, ARP Inspection, To display ARP alias, use the following command

7.13.2ARP Alias

Although clients are joined in same client switch, it may be impossible to communicate between clients for their private security. When you need to make them communicate each other, the hiD 6615 S223/S323 supports ARP alias, which responses ARP request from client net through concentrating switch.

To register address of client net range in ARP alias, use the following command.

To display ARP alias, use the following command.

7.13.3ARP Inspection

ARP provides IP communication by mapping an IP address to a MAC address. But a ma- licious user can attack ARP caches of systems by intercepting traffic intended for other hosts on the subnet. For example, Host B generates a broadcast message for all hosts within the broadcast domain to obtain the MAC address associated with the IP address of Host A. If Host C responses with an IP address of Host A (or B) and a MAC address of Host C, Host A and Host B can use Host C’s MAC address as the destination MAC ad- dress for traffic intended for Host A and Host B.

ARP Inspection is a security feature that validates ARP packets in a network. It intercepts and discards ARP packets with invalid IP-MAC address binding.

To enable and disable ARP Inspection on the hiX 5430 system, use the following com- mand.