You can define the trusted and untrusted
interfaces under Dynamic ARP Inspection (DAI).
About this task
An interface is untrusted by default.
Procedure
-
Access global configuration
mode.
device# configure terminal
-
Access interface configuration mode.
device(config)# interface ethernet 2/3
-
To define an interface as trusted, run the ip arp inspection
trust command.
device(conf-if-eth-2/3)# ip arp inspection trust
-
To define a trusted interface as untrusted, run the no ip arp
inspection trust command.
device(conf-if-eth-2/3)# no ip arp inspection trust
Example
The following example defines a port-channel
interface as trusted.
device# configure terminal
device(config)# interface port-channel 200
device(config-Port-channel-200)# ip arp inspection trust
Example
The following example defines a port-channel interface as untrusted.
device# configure terminal
device(config)# interface port-channel 200
device(config-Port-channel-200)# no ip arp inspection trust
