Print
this page
Email this topic
Feedback
View PDF
Download EPUBdisable ip-security arp learning learn-from-arp
Description
Disables ARP learning on the specified VLAN and member ports.
Syntax Description
| vlan_name | Specifies the name of the VLAN to which this rule applies. |
| all | Specifies all ingress ports. |
| ports | Specifies one or more ingress ports. |
Default
By default, ARP learning is enabled.
Usage Guidelines
You can disable ARP learning so that the only entries in the ARP table are either manually added or those created by DHCP secured ARP; the switch does not add entries by tracking ARP requests and replies. By disabling ARP learning and adding a permanent entry or configuring DHCP secured ARP, you can centrally manage and allocate client IP addresses and prevent duplicate IP addresses from interrupting network operation.
To manually add a permanent entry to the ARP table, use the following command:
configure iparp add ip_addr {vrvr_name} macTo configure DHCP secure ARP as a method to add entries to the ARP table, use the following command:
enable ip-security arp learning learn-from-dhcp vlan vlan_name ports [all | ports] {poll-interval interval_in_seconds} {retries number_of_retries}Displaying ARP Information
To display how the switch builds an ARP table and learns MAC addresses for devices on a specific VLAN and associated member ports, use the following command:
show ip-security arp learning {vlan} vlan_nameTo view the ARP table, including permanent and DHCP secured ARP entries, use the following command:
show iparp {ip_address | mac | vlanvlan_name | permanent} {vrvr_name}
Note
DHCP secured ARP entries are stored as static entries in the ARP table.
Example
The following command disables ARP learning on port 1:1 of the VLAN learn:
disable ip-security arp learning learn-from-arp vlan learn ports 1:1
History
This command was first available in ExtremeXOS 11.6.
Platform Availability
This command is available on Summit Family switches.