show ip-security arp validation

show ip-security arp validation [ {vlan} vlan_name | vlan vlan_list]


Displays ARP validation information for the specified VLAN.

Syntax Description

vlan_name Specifies the name of the VLAN.
vlan_list Specifies a VLAN list of IDs.



Usage Guidelines

The switch displays the following ARP validation information:
  • Port—Indicates the port that received the ARP entry.
  • Validation—Indicates how the entry is validated.
  • Violation-action—Determines what action(s) the switch takes when an invalid ARP is received.


The following sample output displays ARP validation on for the VLAN valid:

# show ip-security arp validation vlan valid
Port    Validation              Violation-action
7       DHCP                    drop-packet, block-port for 120 seconds, snmp-trap
23      DHCP                    drop-packet, block-port for 120 seconds, snmp-trap

The following example shows ARP validation if configured through RADIUS:

# show ip-security arp validation "Default"
ARP Validation enabled via RADIUS
Port               Validation             Violation-action
1                  DHCP                   drop-packet
2                  DHCP                   drop-packet
30                 DHCP                   drop-packet


This command was first available in ExtremeXOS 11.6.

The vlan_list variable was added in ExtremeXOS 16.1.

Platform Availability

This command is available on ExtremeSwitching 5320, 5420, 5520, and 5720 series switches.