[x]

 > Configuration example

 

 Next

Configuration example

Network requirements

As shown in Figure 123, Host B launches gateway spoofing attacks to Switch B. As a result, traffic that Switch B intends to send to Switch A is sent to Host B.

Configure Switch B to block such attacks.

Figure 123: Network diagram

Configuration procedure

# Configure ARP gateway protection on Switch B.

<SwitchB> system-view
[SwitchB] interface gigabitethernet 1/0/1
[SwitchB-GigabitEthernet1/0/1] arp filter source 10.1.1.1
[SwitchB-GigabitEthernet1/0/1] quit
[SwitchB] interface gigabitethernet 1/0/2
[SwitchB-GigabitEthernet1/0/2] arp filter source 10.1.1.1

Verifying the configuration

# Verify that GigabitEthernet 1/0/1 and GigabitEthernet 1/0/2 discard the incoming ARP packets whose sender IP address is the IP address of the gateway.

prev

 

up

 next

Configuration procedure 

home

 Configuring ARP filtering

© Copyright 2015, 2017 Hewlett Packard Enterprise Development LP