We are using non-DHCP in our network environment. I want to avoid ARP spoofing on the switches. But I found at least three approaches related it,
1. DAI+ARP ACL: ip arp inspection filter ACL vlan IDs
2. IP-MAC binding: arp IP address H.H.H arpa
3. IP-MAC-Port binding: such as
ip source binding H.H.H vlan 100 ip address interface Gi1/x
Is there any difference on these? Thank you.