hit counter script

Cisco Catalyst 3560-X Command Reference Manual page 266

Hide thumbs Also See for Catalyst 3560-X:
Table of Contents

Advertisement

ip arp inspection vlan logging
Usage Guidelines
Examples
Related Commands
Catalyst 3750-X and 3560-X Switch Command Reference
2-234
Downloaded from
www.Manualslib.com
The term logged means that the entry is placed into the log buffer and that a system message is generated.
The acl-match and dhcp-bindings keywords merge with each other; that is, when you configure an ACL
match, the DHCP bindings configuration is not disabled. Use the no form of the command to reset the
logging criteria to their defaults. If neither option is specified, all types of logging are reset to log when
ARP packets are denied. These are the options:
acl-match—Logging on ACL matches is reset to log on deny.
dhcp-bindings—Logging on DHCP binding matches is reset to log on deny.
If neither the acl-match or the dhcp-bindings keywords are specified, all denied packets are logged.
The implicit deny at the end of an ACL does not include the log keyword. This means that when you use
the static keyword in the ip arp inspection filter vlan global configuration command, the ACL
overrides the DHCP bindings. Some denied packets might not be logged unless you explicitly specify
the deny ip any mac any log ACE at the end of the ARP ACL.
This example shows how to configure ARP inspection on VLAN 1 to log packets that match the permit
commands in the ACL:
Switch(config)# arp access-list test1
Switch(config-arp-nacl)# permit request ip any mac any log
Switch(config-arp-nacl)# permit response ip any any mac any any log
Switch(config-arp-nacl)# exit
Switch(config)# ip arp inspection vlan 1 logging acl-match matchlog
You can verify your settings by entering the show ip arp inspection vlan vlan-range privileged EXEC
command.
Command
arp access-list
clear ip arp inspection log
ip arp inspection log-buffer
show inventory
log
show inventory
vlan
vlan-range
manuals search engine
Chapter 2
Catalyst 3750-X and 3560-X Switch Cisco IOS Commands
Description
Defines an ARP ACL.
Clears the dynamic ARP inspection log buffer.
Configures the dynamic ARP inspection logging buffer.
Displays the configuration and contents of the dynamic ARP
inspection log buffer.
Displays the configuration and the operating state of dynamic ARP
inspection for the specified VLAN.
OL-21522-02

Advertisement

Table of Contents
loading

This manual is also suitable for:

Catalyst 3750-x

Table of Contents