ARP Detection Configuration

show anti attack check config show anti attack check config \[command show anti attack ckeck config \[purpose] view arp detection configuration \[view] system view \[use cases] sonic# show anti attack check config + + + \| interfaces | check mode | +==============+==============+ \| vlan43 | true | + + + arp anti attack check enable arp anti attack check enable \[command] arp anti attack check enable no arp anti attack check enable \[purpose] enable the arp detection function \[view] vlan view,interface view \[usage scenario] after enabling arp snooping detection function, the device will compare the source ip, source mac, snooping table entry and user bind table entry of the received arp packet, if it can hit, the user of the arp packet is a legitimate user and the arp packet of this user is allowed to pass, otherwise it is considered an illegal user and the arp packet is dropped \[use cases] sonic(config)# vlan 100 sonic(config vlan 100)# arp anti attack check enable arp anti attack check trusted interface arp anti attack check trusted interface \[command] arp anti attack check trusted interface vlan vlan id arp anti attack check trusted interface no arp anti attack check trusted interface vlan vlan id no arp anti attack check trusted interface \[purpose] configuring arp detection trusted ports or trusted vlan \[view] interface view \[notes] after configured as an arp detection trusted port, arp packets received from this port will not be checked and all are allowed to pass \[use cases] sonic(config)# interface ethernet 1 sonic(config if 1)# arp anti attack check trusted interface vlan 10