Configuring the ARP detection logging function
The ARP detection logging function enables a device to generate ARP detection log messages when ARP
packet attacks are detected. An ARP detection log message can include the following information:
•
Receiving interface of the ARP packets.
Sender IP address.
•
Total number of ARP packets dropped.
•
The following is an example of an ARP detection log message:
Detected an inspection occurred on interface Ethernet1/0/1 with IP address 172.18.48.55
(Total 10 packets dropped).
To configure the ARP detection logging function:
Step
1.
Enter system view.
2.
Enable the ARP detection
logging function.
Displaying and maintaining ARP detection
Task
Display the VLANs enabled
with ARP detection.
Display the ARP detection
statistics.
Clear the ARP detection
statistics.
User validity check configuration example
Network requirements
As shown in
entries for connected hosts.
Command
system-view
arp detection log enable
Command
display arp detection [ | { begin | exclude |
include } regular-expression ]
display arp detection statistics [ interface
interface-type interface-number ] [ | { begin |
exclude | include } regular-expression ]
reset arp detection statistics [ interface
interface-type interface-number ]
Figure 1
18, configure Switch B to perform user validity check based on 802.1X security
383
Remarks
N/A
By default, the ARP detection
logging function is enabled.
Remarks
Available in any view
Available in any view
Available in user view