Configuring Dynamic ARP Inspection in DHCP Environments
Command or Action
Step 5
Interfaceinterface-id
Example:
Switch(config)# interface
gigabitethernet1/0/1
Step 6
ip arp inspection trust
Example:
Switch(config-if)#ip arp inspection trust
Step 7
end
Example:
Switch(config-if)#end
Step 8
show ip arp inspection interfaces
Example:
Step 9
show ip arp inspection vlan vlan-range
Example:
Switch(config-if)#show ip arp inspection
vlan 1
Step 10
show ip dhcp snooping binding
Example:
Switch(config-if)#show ip dhcp snooping
binding
Step 11
show ip arp inspection statistics vlan
vlan-range
Example:
Switch(config-if)#show ip arp inspection
statistics vlan 1
Step 12
configure terminal
Example:
Switch# configure terminal
Consolidated Platform Configuration Guide, Cisco IOS Release 15.2(4)E (Catalyst 2960-X Switches)
1310
Purpose
Specifies the interface connected to the other switch, and enter
interface configuration mode.
Configures the connection between the switches as trusted. By
default, all interfaces are untrusted.
The switch does not check ARP packets that it receives from the
other switch on the trusted interface. It simply forwards the packets.
For untrusted interfaces, the switch intercepts all ARP requests and
responses. It verifies that the intercepted packets have valid
IP-to-MAC address bindings before updating the local cache and
before forwarding the packet to the appropriate destination. The
switch drops invalid packets and logs them in the log buffer
according to the logging configuration specified with the ip arp
inspection vlan logging global configuration command.
Returns to privileged EXEC mode.
Verifies the dynamic ARP inspection configuration on interfaces.
Verifies the dynamic ARP inspection configuration on VLAN.
Verifies the DHCP bindings.
Checks the dynamic ARP inspection statistics on VLAN.
Enters the global configuration mode.