enable ip-security arp learning learn-from-arp

enable ip-security arp learning learn-from-arp [dynamic | {vlan} vlan_name] ports [all | ports]

Description

Enables ARP learning for the specified VLAN and member ports.

Syntax Description

vlan_name Specifies the name of the VLAN to which this rule applies.
dynamic Configuration options for dynamically created VLANs.
all Specifies all ingress ports.
ports Specifies one or more ingress ports.

Default

By default, ARP learning is enabled.

Usage Guidelines

ARP is part of the TCP/IP suite used to associate a device‘s physical address (MAC address) with its logical address (IP address). The switch broadcasts an ARP request that contains the IP address, and the device with that IP address sends back its MAC address so that traffic can be transmitted across the network. The switch maintains an ARP table (also known as an ARP cache) that displays each MAC address and its corresponding IP address.

By default, the switch builds its ARP table by tracking ARP requests and replies, which is known as ARP learning.

Displaying ARP Information

To display how the switch builds an ARP table and learns MAC addresses for devices on a specific VLAN and associated member ports, use the following command:

show ip-security arp learning {vlan} vlan_name

To view the ARP table, including permanent and DHCP secured ARP entries, use the following command:

show iparp {ip_addre |mac | vlanvlan_name | permanent} {vrvr_name}

Example

The following command enables ARP learning on port 1:1 of the VLAN learn:

enable ip-security arp learning learn-from-arp vlan learn ports 1:1

History

This command was first available in ExtremeXOS 11.6.

Dynamic VLAN option added in ExtremeXOS 30.2.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, and X695 series switches.