hit counter script

Arp Inspection - Cisco 300 Series Administration Manual

Managed switch
Hide thumbs Also See for 300 Series:
Table of Contents

Advertisement

18

ARP Inspection

370
The entries in the Binding database are displayed:
VLAN ID—VLAN on which packet is expected.
MAC Address—MAC address to be matched.
IP Address—IP address to be matched.
Interface—Interface on which packet is expected.
Status—Displays whether interface is active.
Type—Displays whether entry is dynamic or static.
Reason—If the interface is not active, displays the reason. The following
reasons are possible:
-
No Problem—Interface is active.
-
No Snoop VLAN—DHCP Snooping is not enabled on the VLAN.
-
Trusted Port—Port has become trusted.
-
Resource Problem—TCAM resources are exhausted.
To see a subset of these entries, enter the relevant search criteria and click Go.
ARP enables IP communication within a Layer 2 Broadcast domain by mapping IP
addresses to a MAC addresses.
A malicious user can attack hosts, switches, and routers connected to a Layer 2
network by poisoning the ARP caches of systems connected to the subnet and by
intercepting traffic intended for other hosts on the subnet. This can happen
because ARP allows a gratuitous reply from a host even if an ARP request was not
received. After the attack, all traffic from the device under attack flows through the
attacker's computer and then to the router, switch, or host.
Cisco Small Business 200, 300 and 500 Series Managed Switch Administration Guide (Internal Version)
Security
ARP Inspection

Advertisement

Table of Contents
loading

Table of Contents