Configuration Condition
None
Configure a Static ARP Entry
Configuring static ARP means that a user manually specifies the mapping between IP addresses and MAC addresses.
Table 1-2 Configuring Static ARP
Step
|
Command
|
Description
|
Enter the global configuration mode.
|
configure terminal
|
-
|
Configure a static ARP entry.
|
arp [ vrf vrf-name ] { ip-address | host-name } mac-address [alias [ advertise ] | advertise [ alias ] ] [vlan vlan-id {{ interface if-name} | { link-aggregation link-aggregation-id }}]
|
Mandatory.
|
-
When the configured static ARP entry contains an alias, if an ARP request for this IP address is received, the MAC address in the static ARP entry is used for response.
- When the configured static ARP entry contains an advertise option, the static ARP will be regularly advertised when the static ARP advertisement is enabled.
- When the static ARP is bound to the specific port or aggregation group, the static ARP just takes effect on the port or aggregation group.
Configure Local ARP Advertising
ARP request packet is the broadcast packet. When there are lots of ARP requests in the network, it is easy to generate the broadcast storm on the network and as a result, the normal ARP request packets may be flooded and cannot learn ARP. In the case, we can configure the local ARP advertising function to reduce the ARP requests and the possibility of the broadcast storm.
Table 1-3 Configure the Local ARP Advertising
Step
|
Command
|
Description
|
Enter the global configuration mode
|
configure terminal
|
-
|
Configure local ARP advertising
|
arp local-announce enable
|
Mandatory
|
Configure the interval of the local ARP advertising
|
arp local-announce interval seconds
|
Optional
By default, it is 10s.
|
Configure the rate of the local ARP advertising
|
arp local-announce rate speed
|
Optional
By default, it is one packet every second.
|
Configure the Maximum Number of Dynamic ARP Entries
The purpose of configuring the maximum number of dynamic ARP entries is to prevent dynamically learned ARP from occupying too many system resources.
Table 1-4 Configuring the Maximum Number of Dynamic ARP Entries
Step
|
Command
|
Description
|
Enter the global configuration mode.
|
configure terminal
|
-
|
Configure the maximum number of dynamic ARP entries.
|
arp limited max-entries
|
Mandatory.
By default, the maximum number of dynamic ARP entries is 5000.
|
Configure the Dynamic ARP Aging Time
The life cycle of a dynamically learned ARP entry is the aging time. Within the aging time, the device sends ARP requests periodically. If it receives an ARP response, it resets the aging time. If the aging time expires, the device deletes the dynamic ARP entry.
Table 1-5 Configuring the Dynamic ARP Aging Time
Step
|
Command
|
Description
|
Enter the global configuration mode. |
configure terminal |
- |
Enter the interface configuration mode.
|
interface interface-name
|
-
|
Configure the dynamic ARP aging time.
|
arp timeout { second |
disable }
|
Mandatory.
The default aging time is 1200 seconds.
|
Enable Dynamic ARP learned Function
By default, a device can perform the dynamic APR passive learning. To prevent dynamic learned ARP from occupying too many system resources, you can disable the dynamic ARP passive learning function. After dynamic ARP passive learning is disabled, after the local device receives an ARP request for the MAC address of the local device, it sends an ARP response, but does not generate any related ARP entry. An ARP entry is generated only when the local device actively requests for the MAC address of a peer device.
Table 1-6 Enable the dynamic ARP passive learning function
Step
|
Command
|
Description
|
Enter the global configuration mode.
|
configure terminal
|
-
|
Enable the dynamic ARP passive learning function.
|
arp learn-active
|
Mandatory
By default, enable the dynamic ARP passive learning function.
|
Enable Dynamic ARP Learning
By default, the interface can perform the dynamic ARP learning. To get more reliable security, the user can disable the dynamic ARP learning function of the interface and use the static ARP, so as to prevent the ARP spoofing.
Table 1-7 Enabling Dynamic ARP Learning
Step
|
Command
|
Description
|
Enter the interface configuration mode. |
configure terminal |
- |
Enable dynamic ARP learning.
|
arp learn-active
|
Mandatory.
By default, dynamic ARP learning is enabled.
|
Configure ARP Receive Queue Length
The ARP packets received by the device will be first cached to the ARP receive queue. The system will read the packets from the queue in order and then handle the packets. When the cached ARP packets reach the queue depth, the subsequently received APR packets will be dropped. The user can adjust the ARP receive queue length based on the network ARP emergency.
Table 1-8 Configure the ARP receive queue length
Step
|
Command
|
Description
|
Enter the global configuration mode
|
configure terminal
|
-
|
Configure the ARP receive queue length
|
arp queue-length length
|
Mandatory
The queue length is 200 by default
|
Configure ARP Proxy
An ARP request is sent by the host of one network to another network, and the intermediate device between the two networks can respond to the ARP request. This process is called ARP proxy.
Table 1-9 Configuring ARP Proxy
Step
|
Command
|
Description
|
Enter the global configuration mode.
|
configure terminal
|
-
|
Enter the interface configuration mode.
|
interface interface-name
|
-
|
Configure ARP proxy.
|
ip proxy-arp
|
Mandatory.
By default, the ARP proxy function is enabled.
|