P Commands
target-IP target-IP-mask
host target-MAC
target-MAC target-MAC-mask
Command Default
ip
Command Modes
ARP ACL configuration
Command History
Release
4.0(1)
Usage Guidelines
A newly created ARP ACL contains no rules.
If you do not specify a sequence number, the device assigns to the rule a sequence number that is 10 greater
than the last rule in the ACL.
When the device applies an ARP ACL to a packet, it evaluates the packet with every rule in the ACL. The
device enforces the first rule that has conditions that are satisfied by the packet. When the conditions of more
than one rule are satisfied, the device enforces the rule with the lowest sequence number.
If you do not specify either the response or request keyword, the rule applies to packets that contain any
ARP message.
IPv4 address and mask for the set of IPv4 addresses
that the target IP address in the packet can match.
You can specify target-IP target-IP-mask only when
you use the response keyword. The target-IP and
target-IP-mask argument must be in dotted-decimal
format. Specifying 255.255.255.255 as the
target-IP-mask argument is the equivalent of using
the host keyword.
Specifies that the rule matches ARP packets only
when the target MAC address in the packet matches
the value of the target-MAC argument. You can
specify host target-MAC only when you use the
response keyword. Valid values for the target-MAC
argument are MAC addresses in dotted-hexadecimal
format.
MAC address and mask for the set of MAC addresses
that the target MAC address in the packet can match.
You can specify target-MAC target-MAC-mask only
when you use the response keyword. The target-MAC
and target-MAC-mask argument must be in
dotted-hexadecimal format. Specifying ffff.ffff.ffff
as the target-MAC-mask argument is the equivalent
of using the host keyword.
Modification
This command was introduced.
Cisco Nexus 7000 Series Security Command Reference
permit (ARP)
539