xStack® DES-3200 Series Layer 2 Ethernet Managed Switch CLI Reference Guide
414
config arp_spoofing_prevention
Purpose
Used to configure the prevention of ARP spoofing attacks.
Syntax
config arp_spoofing_prevention [add gateway_ip <ipaddr>
gateway_mac <macaddr> ports [<portlist>|all] | delete gateway_ip
<ipaddr>]
Description
This command is used to configure the prevention of ARP spoofing
attacks. Configure the spoofing prevention entry to prevent spoofing of
MAC for the protected gateway. When an entry is created, those ARP
packets whose sender IP matches the gateway IP of an entry but
either its sender MAC field or source MAC field does not match the
gateway MAC of the entry, will be dropped by the system.
Parameters
add gateway_ip – Specify a gateway IP to be configured.
add gateway_mac – Specify a gateway MAC to be configured.
<portlist> – Specify a range of ports to be configured.
all – Specifies all of the ports will be configured.
delete gateway_ip – Specify a gateway IP to be configured.
Restrictions
Only Administrator-level users can issue this command.
Example usage:
To configure ARP spoofing prevention:
DES-3200-28:4#config arp_spoofing_prevention add gateway_ip 10.254.254.251
gateway_mac 00-00-00-11-11-11 ports 1-2
Command: config arp_spoofing_prevention add gateway_ip 10.254.254.251
gateway_mac 00-00-00-11-11-11 ports 1-2
Success.
DES-3200-28:4#