Chapter 75 ARP Inspection
XGS2220 Series User’s Guide
502
Figure 368
SECURITY > IPv4 Source Guard > ARP Inspection > ARP Insp. Log Status
The following table describes the labels in this screen.
75.4 ARP Inspection Setup
Use this screen to enable ARP inspection on the Switch. You can also configure the length of time the
Switch stores records of discarded ARP packets and global settings for the ARP inspection log. To open
this screen, click
SECURITY
>
IPv4 Source Guard
>
ARP Inspection
>
ARP Insp. Setup
.
Table 288 SECURITY > IPv4 Source Guard > ARP Inspection > ARP Insp. Log Status
LABEL
DESCRIPTION
Clearing Log Status Table
Click
Clear
to remove all the log messages that were generated by ARP packets and
that have not been sent to the syslog server yet.
Total number of Bindings
This field displays the number of log messages that were generated by ARP packets
and that have not been sent to the syslog server yet. If one or more log messages are
dropped due to unavailable buffer, there is an entry called
overflow
with the current
number of dropped log messages.
Index
This field displays a sequential number for each log message.
Port
This field displays the source port of the ARP packet.
VID
This field displays the source VLAN ID of the ARP packet.
Sender MAC
This field displays the source MAC address of the ARP packet.
Sender IP
This field displays the source IP address of the ARP packet.
Packet Number
This field displays the number of ARP packets that were consolidated into this log
message. The Switch consolidates identical log messages generated by ARP packets
in the log consolidation interval into one log message. You can configure this interval in
the
SECURITY
>
IPv4 Source Guard
>
ARP Inspection
>
ARP Insp. Setup
screen.
Reason
This field displays the reason the log message was generated.
dhcp deny
: An ARP packet was discarded because it violated a dynamic binding with
the same MAC address and VLAN ID.
static deny
: An ARP packet was discarded because it violated a static binding with the
same MAC address and VLAN ID.
deny
: An ARP packet was discarded because there were no bindings with the same
MAC address and VLAN ID.
dhcp permit
: An ARP packet was forwarded because it matched a dynamic binding.
static permit
: An ARP packet was forwarded because it matched a static binding.
In the
SECURITY
>
IPv4 Source Guard
>
ARP Inspection
>
ARP Insp. VLAN
Setup
screen,
you can configure the Switch to generate log messages when ARP packets are
discarded or forwarded based on the VLAN ID of the ARP packet.
Time
This field displays when the log message was generated.