Cisco WS-C3560X-24T-L Command Reference - Page 165
ip arp inspection trust
View all Cisco WS-C3560X-24T-L manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 165 highlights
Chapter 2 Catalyst 3560 Switch Cisco IOS Commands ip arp inspection trust ip arp inspection trust Use the ip arp inspection trust interface configuration command to configure an interface trust state that determines which incoming Address Resolution Protocol (ARP) packets are inspected. Use the no form of this command to return to the default setting. ip arp inspection trust no ip arp inspection trust This command is available only if your switch is running the IP services image, formerly known as the enhanced multilayer image (EMI). Syntax Description This command has no arguments or keywords. Defaults The interface is untrusted. Command Modes Interface configuration Command History Release 12.2(20)SE Modification This command was introduced. Usage Guidelines The switch does not check ARP packets that it receives on the trusted interface; it simply forwards the packets. For untrusted interfaces, the switch intercepts all ARP requests and responses. It verifies that the intercepted packets have valid IP-to-MAC address bindings before updating the local cache and before forwarding the packet to the appropriate destination. The switch drops invalid packets and logs them in the log buffer according to the logging configuration specified with the ip arp inspection vlan logging global configuration command. Examples This example shows how to configure a port to be trusted: Switch(config)# interface gigabitethernet0/1 Switch(config-if)# ip arp inspection trust You can verify your setting by entering the show ip arp inspection interfaces interface-id privileged EXEC command. 78-16405-05 Catalyst 3560 Switch Command Reference 2-133