Specifications
CLI Management Guide
TigerAccess™ EE
216 SMC7824M/VSW
To create/delete ARP access list (ACL), use the following command.
Command Mode Description
arp access-list NAME
Opens ARP ACL configuration mode and creates an
ARP access list.
NAME: ARP access list name
no arp access-list NAME
Global
Deletes an ARP access list.
After opening ARP Access List Configuration mode, the prompt changes from
SWITCH(config)# to SWITCH(config-arp-acl[NAME])#. After opening ARP ACL Configu-
ration mode, a range of IP addresses can be configured to apply ARP inspection.
By default, ARP Access List discards the ARP packets of all IP addresses and MAC ad-
dresses.
To configure the range of IP address to deny ARP packets, use the following command.
Command Mode Description
deny ip any mac {any | host
MACADDR}
Discards all ARP packets of all IP addresses with all
MAC addresses which have not learned before on ARP
inspection table or a specific MAC address
any: ignores sender IP/MAC address
host: sender host
MACADDR: sender MAC address
deny ip host A.B.C.D mac {any |
host MACADDR}
Discards ARP packets from a specific host.
MACADDR: MAC address
deny ip range A.B.C.D A.B.C.D
mac any
Discards ARP packets of a given range of IP ad-
dresses.
A.B.C.D: start/end IP address of sender
deny ip A.B.C.D/A mac {any |
host MACADDR}
ARP-ACL
Discards ARP packets of a sender IP network ad-
dresses.
A.B.C.D/A: sender IP network address
To delete the configured range of IP address for discarding ARP packets, use the follow-
ing command.
Command Mode Description
no deny ip any mac {any | host
MACADDR}
no deny ip host A.B.C.D mac
{any | host MACADDR}
no deny ip range A.B.C.D
A.B.C.D mac any
no deny ip A.B.C.D/A mac {any |
host MACADDR}
ARP-ACL
Deletes a configured range of IP address to discard
ARP packets.
any: ignores sender MAC address
host: sender host
MACADDR: sender MAC address
A.B.C.D: start/end IP address of sender
A.B.C.D/A: sender IP network address
i