Define Trusted and Untrusted Interfaces for DAI

An interface is untrusted by default.
  1. Access global configuration mode. 
    device# configure terminal
  2. Access interface configuration mode. 
    device(config)# interface ethernet 2/3
  3. To define an interface as trusted, run the ip arp inspection trust command. 
    device(conf-if-eth-2/3)# ip arp inspection trust
  4. To define a trusted interface as untrusted, run the no ip arp inspection trust command. 
    device(conf-if-eth-2/3)# no ip arp inspection trust

Example

The following example defines a port-channel interface as trusted. 

device# configure terminal
device(config)# interface port-channel 200
device(config-Port-channel-200)# ip arp inspection trust

Example

The following example defines a port-channel interface as untrusted. 

device# configure terminal
device(config)# interface port-channel 200
device(config-Port-channel-200)# no ip arp inspection trust
9037775-00 Rev AA