Users Guide

Table Of Contents
Bypass Dynamic ARP Inspection on an interface
Use the following command in INTERFACE mode of a physical or port-channel interface:
arp inspection-trust
Clear DAI statistics
Clear DAI statistics in EXEC mode.
clear ip arp inspection statistics [vlan vlan-name]
View DAI database
View DAI database in EXEC mode
show ip arp inspection database [vlan vlan-name]
Use the vlan option to view DAI database for a specic VLAN.
Example for viewing DAI database
OS10# show ip arp inspection database
Number of entries : 828
Address Hardware Address Interface VLAN
--------------------------------------------------------------------
10.2.1.1 00:40:50:00:00:00 port-channel100 vlan3001
10.1.1.13 00:2a:10:01:00:00 port-channel100 vlan3001
10.1.1.62 00:2a:10:01:00:01 port-channel100 vlan3001
View DAI statistics
You can view valid and invalid ARP requests that the switch has received and replies that the switch has sent.
Use the following command in EXEC mode:
show ip arp inspection statistics vlan vlan-name
Example for viewing DAI statistics
OS10# show ip arp inspection statistics
Dynamic ARP Inspection (DAI) Statistics
---------------------------------------
Valid ARP Requests : 0
Valid ARP Replies : 1000
Invalid ARP Requests : 1000
Invalid ARP Replies : 0
View DAI violation information
show ip arp inspection logging
Example for viewing DAI violation information
OS10# show ip arp inspection database
Number of entries : 3
Address Hardware Address Interface VLAN
------------------------------------------------------------------------------
10.2.1.1 00:40:50:00:00:00 port-channel100 vlan3001
10.1.1.134 00:2a:10:01:00:00 port-channel100 vlan3001
10.1.1.62 00:2a:10:01:00:01 port-channel100 vlan3001
184
System management