I have configured dhcp snooping on the lab and it worked as expected. Now, I am trying to configure Dynamic ARP inspection and I had an understanding that I need to create an ACL for all static ip addresses I have in order for that to work correctly.
However, in the lab setting, I have couple of machines with static IPs and I have not configured any ACL. So, the dhcp snooping table does not have any entry. But still, the static ip machines do not have any problem communicating.
Now, I am really confused about how does it verify if the ARP requests and responses are valid without the entry being there on the IP-to-MAC address binding table?
Yes the MAC address to IP address bindings should be in the DHCP snooping binding database or the static IPs needs to be allowed using ARP ACL for dynamic ARP inspection to work.
Now in your lab did you have the static IP assigned machines on the same switch where ARP inspection was enabled or on a different switch with no ARP inspection? Also did the switch ports with static IP have "ip arp inspection trust" configured on them?
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...