xStack
®
DGS-3120 Series Managed Switch CLI Reference Guide
129
Chapter 9
ARP Spoofing Prevention
Command List
config arp_spoofing_prevention
[add gateway_ip <ipaddr> gateway_mac <macaddr> ports
[<portlist> | all] | delete gateway_ip <ipaddr>]
show arp_spoofing_prevention
9-1
config arp_spoofing_prevention
Description
This command is used to configure the spoofing prevention entry to prevent spoofing of MAC for
the protected gateway. When an entry is created, those ARP packets whose sender IP matches
the gateway IP of an entry, but either its sender MAC field or source MAC field doesnot match the
gateway MAC of the entry will be dropped by the system.
Format
config arp_spoofing_prevention [add gateway_ip <ipaddr> gateway_mac <macaddr> ports
[<portlist> | all] | delete gateway_ip <ipaddr>]
Parameters
add
- Specify to add an ARP spoofing prevention entry.
gateway_ip
- Specify a gateway IP address to be configured.
<ipaddr>
- Enter the IP address used for this configuration here.
gateway_mac
- Specify a gateway MAC address to be configured.
<macaddr>
- Enter the MAC address used for this configuration here.
ports
- Specify a range of ports to be configured.
<portlist>
- Enter a list of ports used for the configuration here.
all
- Specify all of ports to be configured.
delete
- Specify to delete an ARP spoofing prevention entry.
gateway_ip
- Specify a gateway ip to be configured.
<ipaddr>
- Enter the IP address used for this configuration here.
Restrictions
Only Administrator and Operator-level users can issue this command.
Example
To configure the ARP spoofing prevention entry: