Manualshelf

Product guide

ManualsBrandsProCurve ManualsComputer equipment6200yl
411412413414415416417418419420
11-20
Configuring Advanced Threat Protection
Dynamic ARP Protection
You can configure one or more of the validation checks. The following
example of the arp protect validate command shows how to configure the
validation checks for source MAC address and destination AMC address:
ProCurve(config)# arp protect validate src-mac dst-mac
Verifying the Configuration of Dynamic ARP Protection
To display the current configuration of dynamic ARP protection, including the
additional validation checks and the trusted ports that are configured, enter
the show arp protect command:
dst-mac (Optional) Drops any unicast ARP response
packet in which the destination MAC address in
the Ethernet header does not mach the target MAC
address in the body of the ARP packet.
ip (Optional) Drops any ARP packet in which the
sender IP address is invalid. Drops any ARP
response packet in which the target IP address is
invalid. Invalid IP addresses include: 0.0.0.0,
255.255.255.255, all IP multicast addresses, and
all Class E IP addresses.
ARP Protection Information
Enabled Vlans : 1-4094
Validate : dst-mac, src-mac
Port Trust
----- -----
B1 Yes
B2 Yes
B3 No
B4 No
B5 No
ProCurve(config)# show arp protect