HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 270

arp detection trust Syntax arp detection trust View undo arp detection trust Layer 2 Ethernet interface view, Layer 2 aggregate interface view Default level 2: System level Parameters None Description Use arp detection trust to configure the port as an ARP trusted port. Use undo arp detection trust to restore the default. By default, the port is an ARP untrusted port. Examples # Configure layer 2 Ethernet port GigabitEthernet 1/0/1 as an ARP trusted port. system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] arp detection trust arp detection validate Syntax arp detection validate { dst-mac | ip | src-mac } * View undo arp detection validate [ dst-mac | ip | src-mac ] * System view Default level 2: System level Parameters dst-mac: Checks the target MAC address of ARP responses. If the target MAC address is all-zero, all-one, or inconsistent with the destination MAC address in the Ethernet header, the packet is considered invalid and discarded. ip: Checks the source and destination IP addresses of ARP packets. The all-zero, all-one or multicast IP addresses are considered invalid and the corresponding packets are discarded. With this keyword specified, the source and destination IP addresses of ARP replies, and the source IP address of ARP requests will be checked. src-mac: Checks whether the sender MAC address of an ARP packet is identical to the source MAC address in the Ethernet header. If they are identical, the packet is considered valid; otherwise, the packet is discarded. 261