Filter
Top Products
22-14
Catalyst 3560 Switch Software Configuration Guide
OL-8553-06
Chapter 22 Configuring Dynamic ARP Inspection
Displaying Dynamic ARP Inspection Information
To return to the default log buffer settings, use the no ip arp inspection log-buffer {entries | logs}
global configuration command. To return to the default VLAN log settings, use the no ip arp inspection
vlan vlan-range logging {acl-match | dhcp-bindings} global configuration command. To clear the log
buffer, use the clear ip arp inspection log privileged EXEC command.
Displaying Dynamic ARP Inspection Information
To display dynamic ARP inspection information, use the privileged EXEC commands described in
Table 22-2:
To clear or display dynamic ARP inspection statistics, use the privileged EXEC commands in
Table 22-3:
For the show ip arp inspection statistics command, the switch increments the number of forwarded
packets for each ARP request and response packet on a trusted dynamic ARP inspection port. The switch
increments the number of ACL or DHCP permitted packets for each packet that is denied by source
MAC, destination MAC, or IP validation checks, and the switch increments the appropriate failure
count.
To clear or display dynamic ARP inspection logging information, use the privileged EXEC commands
in
Table 22-4:
Step 5
show ip arp inspection log Verify your settings.
Step 6
copy running-config startup-config (Optional) Save your entries in the configuration file.
Command Purpose
Ta ble 22-2 Commands for Displaying Dynamic ARP Inspection Information
Command Description
show arp access-list [acl-name] Displays detailed information about ARP ACLs.
show ip arp inspection interfaces [interface-id] Displays the trust state and the rate limit of ARP packets for the specified
interface or all interfaces.
show ip arp inspection vlan vlan-range Displays the configuration and the operating state of dynamic ARP
inspection for the specified VLAN. If no VLANs are specified or if a
range is specified, displays information only for VLANs with dynamic
ARP inspection enabled (active).
Ta ble 22-3 Commands for Clearing or Displaying Dynamic ARP Inspection Statistics
Command Description
clear ip arp inspection statistics Clears dynamic ARP inspection statistics.
show ip arp inspection statistics [vlan
vlan-range]
Displays statistics for forwarded, dropped, MAC validation failure, IP
validation failure, ACL permitted and denied, and DHCP permitted and
denied packets for the specified VLAN. If no VLANs are specified or if
a range is specified, displays information only for VLANs with dynamic
ARP inspection enabled (active).