Create an ARP Access Control List

You can create an ARP ACL to use with Dynamic ARP Inspection (DAI) and ARP Guard.

Procedure

  1. Access global configuration mode. 
    device# configure terminal
  2. Create the ACL. 
    device(config)# arp access-list ARP_ACL_01
    This example creates an ACL named ARP_ACL_01.
  3. For each ACL rule, specify the IP address and MAC address pairs that are allowed access. 
    device(config-arp-acl)# permit ip host 1.1.1.1 mac host 0020.2222.2222
device(config-arp-acl)# permit ip host 1.1.1.2 mac host 0020.2222.2223

Example

The following example summarizes the commands in this procedure.
device# configure terminal
device(config)# arp access-list ARP_ACL_01
device(config-arp-acl)# permit ip host 1.1.1.1 mac host 0020.2222.2222
device(config-arp-acl)# permit ip host 1.1.1.2 mac host 0020.2222.2223
9036691-01 Rev AA