Enabling ARP attack detection logging


[IMPORTANT: ]

IMPORTANT:

This feature is available in Release 1121 and later.


The ARP attack detection logging feature enables a device to generate ARP attack detection log messages when illegal ARP packets are detected. An ARP attack detection log message contains the following information:

  1. Receiving interface of the ARP packets.

  2. Sender IP address.

  3. Total number of dropped ARP packets.

The following is an example of an ARP attack detection log message:

Detected an inspection occurred on interface GigabitEthernet1/0/1 with IP address 172.18.48.55 (Total 10 packets dropped).

To enable ARP attack detection logging:

Step

Command

Remarks

1. Enter system view.

system-view

N/A

2. Enable ARP attack detection logging.

arp detection log enable

By default, ARP attack detection logging is disabled.