Dynamic ARP Inspection

From: Bob Nelson (nelsnjr@cox.net)
Date: Mon Jul 04 2005 - 19:06:31 GMT-3

• Next message: John Matus: "Re: as-path"
• Previous message: khalid mehmood: "info on ccie service provider"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

Hello Holidayers:

I am working through the 3550 Doc CD and have a question regarding ARP
inspection.

I am wondering why in a non-DHCP environment I would have to create an ARP
ACL
for statically configured IP addresses.

Since ARP inspection uses the DHCP snooping binding database, why not
manually add the
static IP/MAC combination to the snooping binding database and have the
switch
work from that, since it checks every ARP packet against it? If it finds a
correct binding
it passes the packet on, if not, the switch drops the ARP packet.

Why go through the trouble of setting up the ARP ACL??

Can someone clarify this, I do not seem to see the answer in the Doc CD.

Thanks,

Bob

• Next message: John Matus: "Re: as-path"
• Previous message: khalid mehmood: "info on ccie service provider"
• Messages sorted by: [ date ] [ thread ] [ subject ] [ author ] [ attachment ]

This archive was generated by hypermail 2.1.4 : Sun Sep 04 2005 - 17:00:29 GMT-3