HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 268
ARP detection configuration commands, arp detection
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 268 highlights
Parameters None Description Use arp anti-attack active-ack enable to enable the ARP active acknowledgement function. Use undo arp anti-attack active-ack enable to restore the default. By default, the ARP active acknowledgement function is disabled. This feature is configured on gateway devices to identify invalid ARP packets. Examples # Enable the ARP active acknowledgement function. system-view [Sysname] arp anti-attack active-ack enable ARP detection configuration commands arp detection Syntax arp detection id-number { permit | deny } ip { any | ip-address [ ip-address-mask ] } mac { any | mac-address [ mac-address-mask ] } [ vlan vlan-id ] undo arp detection id-number Views System view Default level 2: System level Parameters id-number: Specifies the ID of the rule, in the range of 0 to 511. A lower value refers to a higher priority. deny: Denies ARP packets matching the rule. permit: Permit ARP packets matching the rule. ip { any | ip-address [ ip-address-mask ] }: Specifies an IP address range for matching sender IP addresses of ARP packets. • any: Matches any sender IP address. • ip-address: Matches the specified sender IP address. • ip-address-mask: Specifies a mask for the IP address, in dotted-decimal format. The ip-address argument without a mask indicates a host address. mac { any | mac-address [ mac-address-mask ] }: Specifies a MAC address range for matching sender MAC addresses of ARP packets. • any: Matches any sender MAC address. • mac-address: Matches the specified sender MAC address, in the format of H-H-H. • mac-address-mask: Specifies a mask for the MAC address, in the format of H-H-H. 259