DAI: https://youtu.be/gaUVWh6sSag
- Uses DHCP Snooping table
- Configured using " ip arp inspection vlan 30"
- We can use "ip arp inspect trust" to disable ARP inspection on a particular port
For Ex. if we have a port connected to a Switch which has a static IP address configured,
that Switch's IP address/MAC address info will not be captured in DHCP snooping table.
So, any packet coming from that router cannot be checked for ARP inspection. In such cases, it would make sense to configure
such ports as "trusted" using "ip arp inspect trust" to allow traffic from the router without going through ARP inspection.
- Use CLI "show ip arp inspection vlan 30"
No comments:
Post a Comment