DAI VLAN Configuration

Use the DAI VLAN Configuration page to select the DAI-capable VLANs for which information is to be displayed or configured.

Use the buttons to perform the following tasks:

To display this page, click Switching > Dynamic ARP Inspection > VLAN in the navigation menu.

Click to expand in new window

Dynamic ARP Inspection VLAN Configuration

Field Description
VLAN ID Lists each VLAN that has been enabled for DAI. After you click Add, use the VLAN ID menu to select the VLAN on which to enable DAI. A VLAN does not need to exist on the system to be enabled for DAI.
Logging Invalid Packets Whether DAI logging is enabled on this VLAN. When logging is enabled, DAI generates a log message whenever an invalid ARP packet is discovered and dropped.
ARP ACL Name The name of the of ARP ACL (Access Control List) that the VLAN uses as the filter for ARP packet validation. The ARP ACL must already exist on the system to associate it with a DAI-enabled VLAN. ARP ACLs include permit rules only.
Static Determines whether to use the DHCP (Dynamic Host Configuration Protocol) snooping database for ARP packet validation if the packet does not match any ARP ACL rules. The options are as follows:
  • Enable: The ARP packet will be validated by the ARP ACL rules only. Packets that do not match any ARP ACL rules are dropped without consulting the DHCP snooping database.
  • Disable: The ARP packet needs further validation by using the entries in the DHCP Snooping database.