Debugging dynamic IP lockdown
To enable the debugging of packets dropped by
dynamic IP lockdown, enter the debug dynamic-ip-lockdown command.
Syntax
debug dynamic-ip-lockdown
To send command output to the active CLI session,
enter the debug destination session command.
Counters for denied packets are displayed in
the debug dynamic-ip-lockdown command output. Packet
counts are updated every five minutes. An example of the command output
is shown in Debug dynamic-ip-lockdown command output.
When dynamic IP lockdown drops IP packets in VLAN traffic that do not contain a known source IP-to-MAC address binding for the port on which the packets are received, a message is entered in the event log.
