Filter
Top Products
DES-3500 Layer 2 Fast Ethernet Switch CLI Reference Manual
313
44
ARP SPOOFING PREVENTION COMMANDS
The ARP Spoofing Prevention commands in the Command Line Interface (CLI) are listed (along with the appropriate parameters)
in the following table.
Command Parameters
config arp_spoofing_prevention [add(1) gateway_ip <ipaddr> gateway_mac <macaddr>
ports [<portlist>|all] | delete(2) gateway_ip <ipaddr>]
show arp_spoofing_prevention
Each command is listed, in detail, in the following sections.
config arp_spoofing_prevention
Purpose Used to configure the prevent ARP spoofing attack.
Syntax
config arp_spoofing_prevention [add(1) gateway_ip <ipaddr>
gateway_mac <macaddr> ports [<portlist>|all] | delete(2) gateway_ip
<ipaddr>]
Description The user can configure the spoofing prevention entry to prevent the
spoofing of MAC for the protected gateway. When an entry is created,
those ARP packets whose sender IP matches the gateway IP of an entry,
but either its sender MAC field or source MAC field does not match the
gateway MAC of the entry, it will be dropped by the system. There are a
maximum of 64 entries.
Parameters
gateway_ip – Specifies a gateway ip to be configured.
gateway_mac - Specifies a gateway mac to be configured.
portlist - Specifies a range of ports to be configured.
all - Specifies all of ports to be configured.
Restrictions Only Administrator or Operator – level users can issue this command.
Example usage:
To config ARP Spoofing Prevention:
DES-3526:admin#config arp_spoofing_prevention add gateway_ip
10.254.254.251 gateway_mac 00-00-00-11-11-11 ports 1-2
Command: config arp_spoofing_prevention add gateway_ip
10.254.254.251 gateway_mac 00-00-00-11-11-11 ports 1-2
Success.
DES-3526:admin#
show arp_spoofing_prevention
Purpose Used to display the current ARP spoofing prevention entry.
Syntax
show arp_spoofing_prevention
Description Used to display the ARP spoofing prevention entry that is present on the
Switch.
Parameters None.
Restrictions None.
Example usage: