24-13
Cisco IE 3000 Switch Software Configuration Guide
OL-13018-03
Chapter 24 Configuring Dynamic ARP Inspection
Configuring Dynamic ARP Inspection
Configuring the Log Buffer
When the switch drops a packet, it places an entry in the log buffer and then generates system messages
on a rate-controlled basis. After the message is generated, the switch clears the entry from the log buffer.
Each log entry contains flow information, such as the receiving VLAN, the port number, the source and
destination IP addresses, and the source and destination MAC addresses.
A log-buffer entry can represent more than one packet. For example, if an interface receives many
packets on the same VLAN with the same ARP parameters, the switch combines the packets as one entry
in the log buffer and generates a single system message for the entry.
If the log buffer overflows, it means that a log event does not fit into the log buffer, and the display for
the
show ip arp inspection log
privileged EXEC command is affected. A -- in the display appears in
place of all data except the packet count and the time. No other statistics are provided for the entry. If
you see this entry in the display, increase the number of entries in the log buffer or increase the logging
rate.
Beginning in privileged EXEC mode, follow these steps to configure the log buffer. This procedure is
optional.
Command
Purpose
Step 1
configure terminal
Enter global configuration mode.
Step 2
ip arp inspection log-buffer
{
entries
number
|
logs
number
interval
seconds
}
Configure the dynamic ARP inspection logging buffer.
By default, when dynamic ARP inspection is enabled, denied or dropped
ARP packets are logged. The number of log entries is 32. The number of
system messages is limited to 5 per second. The logging-rate interval is 1
second.
The keywords have these meanings:
•
For
entries
number
, specify the number of entries to be logged in the
buffer. The range is 0 to 1024.
•
For
logs
number
interval
seconds
, specify the number of entries to
generate system messages in the specified interval.
For
logs
number
, the range is 0 to 1024. A 0 value means that the entry
is placed in the log buffer, but a system message is not generated.
For
interval
seconds
, the range is 0 to 86400 seconds (1 day). A 0 value
means that a system message is immediately generated (and the log
buffer is always empty).
An interval setting of 0 overrides a log setting of 0.
The
logs
and
interval
settings interact. If the
logs
number
X is greater than
interval
seconds
Y, X divided by Y (X/Y) system messages are sent every
second. Otherwise, one system message is sent every Y divided by X (Y/X)
seconds.