Quick Reference Guide
Dynamic ARP Inspection Commands 347
ip arp inspection filter
Use the ip arp inspection filter command to configure the ARP ACL to be
used for a single VLAN or a range of VLANs to filter invalid ARP packets. If
the static keyword is given, packets that do not match a permit statement are
dropped without consulting the DHCP snooping bindings. Use the “no” form
of this command to unconfigure the ARP ACL.
Syntax
ip arp inspection filter
acl-name
vlan
vlan-range
[static]
no ip arp inspection filter
acl-name
vlan
vlan-range
[static]
•
acl-name
—The name of a valid ARP ACL. (Range: 1–31 characters)
•
vlan-range
—A valid VLAN range.
Default Configuration
No ARP ACL is configured.
Command Mode
Global Configuration mode
User Guidelines
There are no user guidelines for this command.
Example
console(config)#ip arp inspection filter tier1 vlan 2-10 static
console(config)#ip arp inspection filter tier1 vlan 20-30
ip arp inspection limit
Use the ip arp inspection limit command to configure the rate limit and
burst interval values for an interface.
Configuring none for the limit means the interface is not rate limited for
Dynamic ARP Inspection.
Syntax
ip arp inspection limit {none | rate
pps
[burst interval
seconds
]}
2CSNXXX_SWUM200.book Page 347 Tuesday, December 10, 2013 1:22 PM