Configuring ARP restricted forwarding
About ARP restricted forwarding
ARP restricted forwarding does not take effect on ARP packets received on ARP trusted interfaces and forwards the ARP packets correctly. This feature controls the forwarding of ARP packets that are received on untrusted interfaces and have passed user validity check as follows:
If the packets are ARP requests, they are forwarded through the trusted interface.
If the packets are ARP replies, they are forwarded according to their destination MAC address. If no match is found in the MAC address table, they are forwarded through the trusted interface.
Restrictions and guidelines
ARP restricted forwarding does not apply to ARP packets that use multiport destination MAC addresses.
Prerequisites
Configure user validity check before you configure ARP restricted forwarding. For information about user validity check configuration, see "Configuring user validity check."
Procedure
Enter system view.
system-view
Enter VLAN view.
vlan vlan-id
Enable ARP restricted forwarding.
arp restricted-forwarding enable
By default, ARP restricted forwarding is disabled.