Dell FCX624-I Laptop User Manual


  Open as PDF
of 1494
 
PowerConnect B-Series FCX Configuration Guide 1349
53-1002266-01
DHCP snooping
39
Displaying ARP inspection status and ports
To display the ARP inspection status for a VLAN and the trusted/untrusted port, enter the following
command.
Syntax: show ip arp inspection [vlan <vlan_id>]
The <vlan_id> variable specifies the ID of a configured VLAN.
Displaying the ARP table
To display the ARP table, enter the following command .
The command displays all ARP entries in the system. For field definitions, refer to Table 161 on
page 875.
Syntax: show arp
DHCP snooping
Dynamic Host Configuration Protocol (DHCP) snooping enables the Dell PowerConnect device to
filter untrusted DHCP packets in a subnet. DHCP snooping can ward off MiM attacks, such as a
malicious user posing as a DHCP server sending false DHCP server reply packets with the intention
of misdirecting other users. DHCP snooping can also stop unauthorized DHCP servers and prevent
errors due to user mis-configuration of DHCP servers.
Often DHCP snooping is used together with Dynamic ARP Inspection and IP Source Guard.
PowerConnect#show ip arp inspection vlan 2
IP ARP inspection VLAN 2: Disabled
Trusted Ports : ethe 1/4
Untrusted Ports : ethe 2/1 to 2/3 ethe 4/1 to 4/24 ethe 6/1 to 6/4 ethe 8/1 to
8/4
PowerConnect#show arp
Total number of ARP entries: 2, maximum capacity: 6000
No IP Address MAC Address Type Age Port Status
1 10.43.1.1 0004.80a0.4000 Dynamic 0 mgmt1 Valid
2 10.43.1.78 00e0.8160.6ab1 Dynamic 2 mgmt1 Valid