H3C S7500 Series Command Manual(Release 3100 Series)-(V1.04)

DownLoad Chapters Download(101 KB)

22-ARP Commands


Chapter 1  ARP Configuration Commands

1.1  ARP Configuration Commands

1.1.1  arp check enable

Syntax

arp check enable

undo arp check enable

View

System view

Parameters

None

Description

Use the arp check enable command to enable the ARP entry checking function.

Use the undo arp check enable command to disable the ARP entry checking function.

With the ARP entry checking function enabled, the switch cannot learn any ARP entry with a multicast MAC address. Configuring such a static ARP entry is not allowed either; otherwise, the system prompts error information.

After the ARP entry checking function is disabled, the switch can learn the ARP entry with a multicast MAC address, and you can also configure such a static ARP entry on the switch.

By default, the ARP entry checking function is enabled.

Examples

# Disable the ARP entry checking function.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] undo arp check enable

1.1.2  arp gratuitous-updating enable

Syntax

arp gratuitous-updating enable

undo arp gratuitous-updating enable

View

System view

Parameters

None

Description

Use the arp gratuitous-updating enable command to enable gratuitous ARP packets to be sent periodically.

Use the undo arp gratuitous-updating enable command to disable gratuitous ARP packets from being sent periodically. With this function enabled, the switch periodically broadcasts gratuitous ARP packets from the current interface IP address within the VLAN whose interfaces are configured with an IP address.

By default, the switch is disabled from sending gratuitous ARP packets periodically.

With VRRP enabled on a VLAN interface of a switch:

l           If the switch is the master switch, it sends gratuitous ARP messages with the IP address of the VRRP virtual router.

l           If it is not the master switch, it sends gratuitous ARP messages with the primary and all the secondary IP addresses of the VLAN interface.

Examples

# Enable the switch to send gratuitous ARP packets periodically.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] arp gratuitous-updating enable

1.1.3  arp mac-arp-map limit

Syntax

arp mac-arp-map limit number

undo arp mac-arp-map limit

View

System view

Parameters

number: Maximum number of IP addresses to be bound to a MAC address of a VLAN, in the range 1 to 8192.

Description

Use the arp mac-arp-map limit command to set the maximum number of IP addresses to be bound to a MAC address of a VLAN.

Use the undo arp mac-arp-map limit command to restore the default value.

By default, a maximum of two IP addresses can be bound to a MAC address of a VLAN.

Note that:

If secondary IP addresses are configured for a VLAN interface, the specified maximum number of IP addresses to be bound to a MAC address should be bigger than the total number of the primary and secondary IP addresses of the VLAN interface.

Examples

# Set the maximum number of IP addresses to be bound to a MAC address of a VLAN to 5.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] arp mac-arp-map limit 5

1.1.4  arp max-entry

Syntax

arp max-entry number

undo arp max-entry

View

System view

Parameters

number: Total maximum number of ARP entries, in the range of 4,096 to 8,192.

Description

Use the arp max-entry command to set the total maximum number of ARP entries.

Use the undo arp max-entry command to restore the default setting.

By default, the total maximum number of ARP entries is 8,192.

Examples

# Set the total maximum number of ARP entries to 4,096.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] arp max-entry 4096

1.1.5  arp max-dynamic-entry

Syntax

arp max-dynamic-entry number

undo arp max-dynamic-entry

View

Port view

Parameters

number: Maximum number of dynamic ARP entries that can be learnt by the port, ranging from 0 to 8,192.

Description

Use the arp max-dynamic-entry command to set the maximum number of dynamic ARP entries that can be learnt by a port.

Use the undo arp max-dynamic-entry command to restore the default setting.

By default, the maximum number of dynamic ARP entries that can be learnt by a port is 2,048.

Examples

# Set maximum number of dynamic ARP entries that can be learnt by GE 3/0/1 to 6,000.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] interface GigabitEthernet 3/0/1

[H3C-GigabitEthernet3/0/1] arp max-dynamic-entry 6000

1.1.6  arp proxy enable

Syntax

arp proxy enable

undo arp proxy enable

View

VLAN interface view

Parameters

None

Description

Use the arp proxy enable command to enable proxy ARP.

Use the undo arp proxy enable command to disable proxy ARP.

You can use the arp proxy enable command to enable the switch to provide Layer 3 connectivity between hosts that reside in the same network segment but connect with different VLAN interfaces on the switch.

By default, proxy ARP is disabled.

Related commands: display arp proxy.

Examples

# Enable proxy ARP on VLAN-interface 2.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] interface Vlan-interface 2

[H3C-Vlan-interface2] arp proxy enable

1.1.7  arp proxy source-vlan enable

Syntax

arp proxy source-vlan enable

undo arp proxy source-vlan enable

View

VLAN interface view

Parameters

None

Description

Use the arp proxy source-vlan enable command to enable intra-VLAN proxy ARP, so that proxy ARP is able to process intra-VLAN ARP requests to provide Layer 3 connectivity between Layer 2 isolated ports in the same VLAN.

Use the undo arp proxy source-vlan enable command to disable intra-VLAN proxy ARP, so that proxy ARP only processes inter-VLAN ARP requests instead of intra-VLAN ARP request.

By default, intra-VLAN proxy ARP is disabled, and proxy ARP only processes inter-VLAN ARP requests after it is enabled.

Note that, intra-VLAN proxy ARP can be enabled only after proxy ARP is enabled.

Related commands: arp proxy enable, display arp proxy.

Examples

# With proxy ARP enabled, enable intra-VLAN proxy ARP for VLAN 2.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] interface Vlan-interface 2

[H3C-Vlan-interface2] arp proxy source-vlan enable

1.1.8  arp source-suppression limit

Syntax

arp source-suppression limit { total | local | through } limit-value

undo arp source-suppression limit { total | local | through }

View

System view

Parameters

total: Sets the maximum number of total arbitrary ARP packets that can be sent to the CPU in a unit of time. (There is no limit on source and destination IP addresses in ARP packets.)

local: Sets the maximum number of locally-terminated ARP packets (packets having the same source IP address and using the IP address of the current switch as their destination IP address) that can be sent to the CPU in a unit of time.

through: Sets the maximum number of pass-through ARP packets (packets having the same source IP address and not using the IP address of the current switch as their destination IP addresses) that can be sent to the CPU in a unit of time.

limit-value: Maximum number of a type of ARP packets that can be sent to the CPU in a unit of time. When local or total is adopted, this argument ranges from 1 to 4294967295; when through is adopted, the value ranges from 0 to 4294967295.

Description

Use the arp source-suppression limit command to set the maximum number of a type of ARP packets that can be sent to the CPU in a unit of time.

Use the undo arp source-suppression limit command to restore the default setting.

The default setting varies with the type of ARP packets.

l           When total is adopted in the command, the default setting is 100.

l           When local is adopted in the command, the default setting is 3.

l           When through is adopted in the command, the default setting is 3.

Make sure your setting for total is greater than the settings for local and through.

Related commands: display arp source-suppression.

Examples

# Configure to allow a maximum of 200 ARP packets to be sent to the CPU totally.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] arp source-suppression limit total 200

1.1.9  arp static

Syntax

arp static ip-address mac-address [ vlan-id interface-type interface-number ]

undo arp ip-address

View

System view

Parameters

ip-address: IP address for the ARP entry to be created/removed.

mac-address: MAC address for the ARP entry to be created, in the format of H-H-H.

vlan-id: ID of the VLAN to which the static ARP entry belongs, in the range of 1 to 4094.

interface-type: Type of the port to which the static ARP entry belongs.

interface-number: Number of the port to which the static ARP entry belongs.

Description

Use the arp static command to create a static ARP entry in the ARP table.

Use the undo arp command to remove an ARP entry.

By default, there is no static ARP entry in the ARP table, and ARP entries are dynamically created by ARP.

Note that:

l           A static ARP entry keeps valid as long as the Ethernet switch operates normally, but removing the VLAN of the entry removes the ARP entry.

l           The VLAN specified by the vlan-id argument in the arp static command must be an existing VLAN configured with the corresponding VLAN interface and its IP address, and the port specified by the interface-type and interface-number arguments must belong to the VLAN.

Related commands: reset arp, display arp.

Examples

# Create a static ARP entry belonging to Ethernet 2/0/1 in VLAN 1, with IP address 202.38.10.2 and MAC address 000f-e201-0000.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] arp static 202.38.10.2 000f-e201-0000 1 Ethernet 2/0/1

1.1.10  arp timer aging

Syntax

arp timer aging aging-time

undo arp timer aging

View

System view

Parameters

aging-time: Aging time for dynamic ARP entries. This argument ranges from 1 to 1,440 in minutes.

Description

Use the arp timer aging command to configure the aging time for dynamic ARP entries.

Use the undo arp timer aging command to restore the default aging time.

By default, the aging time for dynamic ARP entries is 20 minutes.

Related commands: display arp timer aging.

Examples

# Set the aging time for dynamic ARP entries to 10 minutes.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] arp timer aging 10

1.1.11  arp timer gratuitous-updating

Syntax

arp timer gratuitous-updating updating-interval

undo arp timer gratuitous-updating

View

System view

Parameters

updating-interval: Interval, in minutes, at which gratuitous ARP packets are sent. The value range is 1 to 10.

Description

Use the arp timer gratuitous-updating command to set a gratuitous ARP update interval.

Use the undo arp timer gratuitous-updating command to restore the default gratuitous ARP update interval.

The gratuitous ARP update interval defaults to five minutes after this function is enabled on the switch.

Related commands: arp gratuitous-updating enable.

Examples

# Set the gratuitous ARP update interval to 10 minutes on the switch.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] arp timer gratuitous-updating 10

1.1.12  display arp

Syntax

display arp [ dynamic | static | ip-address ]

View

Any view

Parameters

dynamic: Displays dynamic ARP entries.

static: Displays static ARP entries.

ip-address: IP address. The ARP entry containing this IP address will be displayed.

Description

Use the display arp command to display ARP entries.

Executing this command without any parameter will display all ARP entries.

Related commands: arp static, reset arp.

Examples

# Display all ARP entries.

<H3C> display arp

            Type: S-Static   D-Dynamic

IP Address       MAC Address     VLAN ID  Port Name             Aging Type

10.2.72.162      000a-000a-0aaa  N/A      N/A                    N/A   S

192.168.0.77     0000-e8f5-6a4a  1        Ethernet2/0/2          13    D

192.168.0.2      000d-88f8-4e88  1        Ethernet2/0/2          14    D

192.168.0.200    0014-222c-9d6a  1        Ethernet2/0/2          14    D

192.168.0.45     000d-88f6-44c1  1        Ethernet2/0/2          15    D

192.168.0.110    0011-4301-991e  1        Ethernet2/0/2          15    D

192.168.0.32     0000-e8f5-73ee  1        Ethernet2/0/2          16    D

192.168.0.3      0014-222c-aa69  1        Ethernet2/0/2          16    D

192.168.0.17     000d-88f6-379c  1        Ethernet2/0/2          17    D

192.168.0.115    000d-88f7-9f7d  1        Ethernet2/0/2          18    D

192.168.0.43     000c-760a-172d  1        Ethernet2/0/2          18    D

192.168.0.33     000d-88f6-44ba  1        Ethernet2/0/2          20    D

192.168.0.35     000f-e202-2181  1        Ethernet2/0/2          20    D

192.168.0.5      000f-3d80-2b38  1        Ethernet2/0/2          20    D

 

---   14 entries found   ---

Table 1-1 Description on the fields of the display arp command

Field

Description

IP Address

IP address contained in an ARP entry

MAC Address

MAC address contained in the ARP entry

VLAN ID

ID of the VLAN to which the ARP entry belongs

Port Name

Index of the port to which the ARP entry belongs

Aging

Valid time of the ARP entry if it is a dynamic entry, in minutes

Type

Type of the ARP entry

 

1.1.13  display arp |

Syntax

display arp | { begin | exclude | include } text

View

Any view

Parameters

begin: Displays the ARP entries from the first ARP entry that contains the string specified by the text argument.

exclude: Displays the ARP entries that do not contain the string specified by the text argument.

include: Displays the ARP entries that contain the string specified by the text argument.

text: String used to filter ARP entries.

Description

Use the display arp | command to display the ARP entries matching a specified rule.

Related commands: arp static, reset arp.

Examples

# Display the ARP entries that contain the string “77”.

<H3C> display arp | include 77

            Type: S-Static   D-Dynamic

IP Address       MAC Address     VLAN ID  Port Name            Aging Type

192.168.0.77     0000-e8f5-6a4a  1        Ethernet2/0/2          12    D

 

---   1 entry found   ---

# Display the ARP entries that do not contain the string “68”.

<H3C> display arp | exclude 68

            Type: S-Static   D-Dynamic

IP Address       MAC Address     VLAN ID  Port Name            Aging Type

10.2.72.162      000a-000a-0aaa  N/A      N/A                    N/A   S

 

---   1 entry found   ---

See Table 1-1 for the description of the output fields.

1.1.14  display arp attack-list

Syntax

display arp attack-list

View

Any view

Parameters

None

Description

Use the display arp attack-list command to display the ARP attack information, including the attacking MAC address, IP address and the attack time.

Examples

# Display the ARP attack information.

<H3C> display arp attack-list

MAC ADDR       VLAN IP ADDR        PORT NAME      LAST-ATTACK    COUNT

0000-0000-0001 2    172.1.1.2      Ethernet2/0/1  15:05:34 09/30 2

1.1.15  display arp entry-limit

Syntax

display arp entry-limit [ interface-type interface-number ]

View

Any view

Parameters

interface-type: Port type.

interface-number: Port number.

Description

Use the display arp entry-limit command to display the number limits of ARP entries.

If you specify a port, the command will display the total maximum number of ARP entries and the maximum number of dynamic ARP entries on the port.

If you do not specify a port, the command will display the total maximum number of ARP entries and the maximum number of dynamic ARP entries on each port.

Examples

# Display the current number limits of ARP entries.

<H3C> display arp entry-limit

 The maximum ARP entry number is 8192

 The maximum dynamic ARP entry number of the port GigabitEthernet0/0/1 is 2048

 The maximum dynamic ARP entry number of the port GigabitEthernet0/0/2 is 2048

 The maximum dynamic ARP entry number of the port GigabitEthernet0/0/3 is 2048

 The maximum dynamic ARP entry number of the port GigabitEthernet0/0/4 is 2048

 The maximum dynamic ARP entry number of the port GigabitEthernet3/0/1 is 6000

……

1.1.16  display arp interface

Syntax

display arp interface interface-type interface-number

View

Any view

Parameters

interface-type: Port type.

Interface-number: Port number.

Description

Use the display arp interface command to display the ARP entries of a specified port.

Examples

# Display the ARP entries of Ethernet 3/0/1.

<H3C> display arp interface ethernet 3/0/1

            Type: S-Static   D-Dynamic

IP Address    MAC Address    VLAN ID Port Name        Aging Type

10.1.1.2      000f-e201-0102 1       Ethernet3/0/1    N/A   S

1.1.17  display arp proxy

Syntax

display arp proxy [ interface interface-type interface-number ]

View

Any view

Parameters

interface-type: Interface type.

interface-number: Interface number.

Description

Use the display arp proxy command to display the status of proxy ARP (enabled/disabled).

Related commands: arp proxy enable.

Examples

# Display the status of proxy ARP on VLAN–interface 2.

<H3C> display arp proxy interface Vlan-interface 2

Interface Vlan-interface2

 Proxy ARP status: disabled

1.1.18  display arp slot

Syntax

display arp slot slot-id

View

Any view

Parameters

slot-id: ID of a slot.

Description

Use the display arp slot command to display the ARP entries of all ports on the specified slot.

Examples

# Display the ARP entries on the third slot.

<H3C> display arp slot 3

            Type: S-Static   D-Dynamic

IP Address    MAC Address    VLAN ID Port Name        Aging Type

10.1.1.2      000f-e201-0102 1       Ethernet3/0/1    N/A   S

1.1.19  display arp source-suppression

Syntax

display arp source-suppression

View

Any view

Parameters

None

Description

Use the display arp source-suppression command to display the ARP source suppression configuration on the current switch.

Examples

# Display the ARP source suppression configuration on the current switch.

<H3C> display arp source-suppression

 ARP suppression limit total: 100

 ARP suppression limit local: 3

 ARP suppression limit through: 3

1.1.20  display arp vlan

Syntax

display arp vlan vlan-id

View

Any view

Parameters

vlan-id: VLAN ID.

Description

Use the display arp vlan command to display the ARP entries of all ports in a specified VLAN.

Examples

# Display the ARP entries of VLAN 1.

<H3C> display arp vlan 1

            Type: S-Static   D-Dynamic

IP Address    MAC Address    VLAN ID Port Name        Aging Type

10.1.1.2      000f-e201-0102 1       Ethernet3/0/1    N/A   S

1.1.21  display arp timer aging

Syntax

display arp timer aging

View

Any view

Parameters

None

Description

Use the display arp timer aging command to display the setting for ARP aging timer.

Related commands: arp timer aging.

Examples

# Display the setting for ARP aging timer.

<H3C> display arp timer aging

 Current ARP aging time is 20 minute(s)(default)

The above information shows that the time for ARP aging timer is 20 minutes.

1.1.22  gratuitous-arp-learning enable

Syntax

gratuitous-arp-learning enable

undo gratuitous-arp-learning enable

View

System view

Parameters

None

Description

Use the gratuitous-arp-learning enable command to enable gratuitous ARP learning.

Use the undo gratuitous-arp-learning enable command to disable gratuitous ARP learning.

By default, gratuitous ARP learning is disabled.

With gratuitous ARP learning enabled, a switch operates as follows when receiving a gratuitous ARP packet:

If an ARP entry in the cache matches the packet, the switch updates the ARP entry using the sender hardware address carried in the gratuitous ARP packet.

If no ARP entry in the cache matches the packet, an ARP entry corresponding to the packet is added to the cache.

Examples

# Enable gratuitous ARP learning on the switch.

<H3C> system-view

System View: return to User View with Ctrl+Z.

[H3C] gratuitous-arp-learning enable

1.1.23  reset arp attack-list

Syntax

reset arp attack-list

View

User view

Parameters

None

Description

Use the reset arp attack-list command to clear the ARP attack information.

Related commands: arp mac-arp-map limit, display arp attack-list.

Examples

# Clear the ARP attack information.

<H3C> reset arp attack-list

1.1.24  reset arp

Syntax

reset arp [ dynamic | static | interface interface-type interface-number ]

View

User view

Parameters

dynamic: Clears dynamic ARP entries.

static: Clears static ARP entries.

interface: Clears ARP entries of a specified port. interface-type identifies the port type, and interface-number identifies the port number.

Description

Use the reset arp command to clear ARP entries.

Related commands: arp static, display arp.

Examples

# Clear static ARP entries.

<H3C> reset arp static

H3C reserves the right to modify its collaterals without any prior notice. For the latest information of the collaterals, please consult H3C sales or call 400 hotline.