Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Arp question

Hi,

Is there a way that you can stop arp replies on a cisco switch?

1 REPLY
Hall of Fame Super Silver

Re: Arp question

Hello Mick,

I try to guess:

if your router or switch is answering ARP requests for IP addresses different then their own you need to disable proxy-arp

int vlan 5

no ip proxy-arp

if you want the switch to never answer to ARP requests even if for their own IP address is a different matter.

In this case you should use a VACL and deny traffic with ethertype = ARP protocol

0x0806 ARP, Address Resolution Protocol.

to be sure in both directions

However, not all switch platforms allow to use ethertype based ACL (catOS allows I think)

in this case all legitimate systems will need a static ARP entry to communicate with the switch

Hope to help

Giuseppe

105
Views
0
Helpful
1
Replies