User Manual
UMN:CLI
V8102
273
To specify the range of IP address to forward ARP packets, use the following command.
Command
Mode
Description
permit ip any mac
{
any
|
host
MACADDR
}
ARP-ACL
Permits ARP packets of all IP addresses with all MAC
addresses which have not learned before on ARP in-
spection table or a specific MAC address.
any: ignores sender MAC address
host: sender host
MACADDR: sender MAC address
permit ip host A.B.C.D
mac
{
any
|
host
MACADDR
}
Permits ARP packets from a specific host.
MACADDR: MAC address
permit ip range A.B.C.D A.B.C.D
mac any
Permits ARP packets of a given range of IP addresses.
A.B.C.D: start/end IP address of sender
permit ip
A.B.C.D/A
mac
{
any
|
host
MACADDR
}
Permits ARP packets of a sender IP network address-
es.
A.B.C.D/A: sender IP network address
permit ip
{
any
|
host A.B.C.D
|
A.B.C.D/A
}
mac pattern WORD
offset
<0-5>
Permits ARP packets according to IP address and
MAC address pattern.
any: ignores sender IP address
A.B.C.D: sender IP address of host
A.B.C.D/A: sender IP network address
PATTERN: MAC address pattern (e.g. 10, 10:11,
~
10:10:11:20:20)
offset: character location within sender MAC address
pattern
To delete the configured ranged of IP address to permit ARP packets, use the following
command.
Command
Mode
Description
no permit ip any mac
{
any
|
host
MACADDR
}
ARP-ACL
Deletes a configured range of IP address to permit
ARP packets.
any: ignores sender MAC address
host: sender host
MACADDR: sender MAC address
A.B.C.D: start/end IP address of sender
A.B.C.D/A: sender IP network address
PATTERN: MAC address pattern (e.g. 10, 10:11,
~
10:10:11:20:20)
offset: character location within sender MAC address
pattern
no permit ip host A.B.C.D
mac
{
any
|
host
MACADDR
}
no permit ip range A.B.C.D
A.B.C.D
mac any
no permit ip
A.B.C.D/A
mac
{
any
|
host
MACADDR
}
no permit ip
{
any
|
host A.B.C.D
|
A.B.C.D/A
}
mac pattern PAT-
TERN offset
<0-5>
By the following command, the ARP access list also refers to a DHCP snooping binding
table to permit the ARP packets for DHCP users. This reference enables the system to
permit ARP packets only for the IP addresses on the DHCP snooping binding table. The
ARP access list with the DHCP snooping allows IP communications to users authorized