Filter
Top Products
DES-7200 Configuration Guide Chapter 10 Dynamic ARP Inspection Configuration
10-4
Command Function
DES-7200(config)# no ip arp Inspection vlan
[vlan-id]
Turn off the DAI packet check function switch for
VLAN vlan-id
Disable the DAI packet check function for all
VLANs if vlan-id is ignored
10.2.2 Setting the Trust Status of
Port
This function is used in the layer 2 interface configuration mode, and this layer 2 interface is a
member port of SVI.
All the layer 2 ports are untrusted by default.
If the port is trusted, ARP packets will not be check further. Otherwise, the validity of the
current ARP packet will be checked using information in the DHCP snooping database.
To set the trust status of a port, execute the following commands in the interface configuration
mode:
Command Function
DES-7200(config-if)# ip arp inspection trust
Set the port as a trust port.
DES-7200(config-if)# no ip arp inspection
trust
Set the port as an untrusted port.
10.2.3 Related Configuration of
DHCP Snooping Database
Refer to DHCP Snooping Configuration.
If DHCP Snooping database is not configured, all the ARP packets pass inspection.
10.3 Showing DAI
Configuration
10.3.1 Showing Whether DAI
Function Is Enabled for
VLAN
To show the enabling status of VLAN, execute the following command in the global
configuration mode:
Command Function