Configuring Arp Restricted Forwarding; Displaying And Maintaining Arp Detection; User Validity Check Configuration Example - HP 10500 Series Configuration Manual

Step
6. Enter Layer 2 Ethernet interface
view or Layer 2 aggregate
interface view.
7. Configure the port as a trusted
port that is excluded from ARP
detection.

Configuring ARP restricted forwarding

ARP restricted forwarding controls the forwarding of ARP packets that are received on untrusted
interfaces and have passed user validity check as follows:
• If the packets are ARP requests, they are forwarded through the trusted interface.
If the packets are ARP replies, they are forwarded according to their destination MAC address. If no
•
match is found in the MAC address table, they are forwarded through the trusted interface.
Before configuring this feature, configure user validity check.
To enable ARP restricted forwarding:
Step
Enter system view.
1.
2. Enter VLAN view.
3. Enable ARP restricted
forwarding.

Displaying and maintaining ARP detection

Task
Display the VLANs enabled
with ARP detection.
Display the ARP detection
statistics.
Clear the ARP detection
statistics.

User validity check configuration example

Network requirements
As shown in
Configure the DHCP server on Switch A.
•
• Configure 802.1X on Switch B.
Enable ARP detection in VLAN 10 to check user validity based on 802.1X entries.
•
Command
display arp detection [ | { begin | exclude |
include } regular-expression ]
display arp detection statistics [ interface
interface-type interface-number ] [ | { begin |
exclude | include } regular-expression ]
reset arp detection statistics [ interface
interface-type interface-number ]
Figure 100,
Command
interface interface-type
interface-number
arp detection trust
Command
system-view
vlan vlan-id
arp restricted-forwarding enable
259
Remarks
N/A
Optional.
The port is an untrusted
port by default.
Remarks
N/A
N/A
Disabled by default.
Remarks
Available in any view.
Available in any view.
Available in user view.