Dynamic ARP entry check disables a device from supporting dynamic ARP entries with multicast MAC addresses. The device cannot learn dynamic ARP entries containing multicast MAC addresses. You cannot manually add static ARP entries that contain multicast MAC addresses.

When dynamic ARP entry check is disabled, ARP entries containing multicast MAC addresses are supported. The device can learn dynamic ARP entries containing multicast MAC addresses obtained from the ARP packets sourced from a unicast MAC address. You can also manually add static ARP entries containing multicast MAC addresses.

Examples

# Enable dynamic ARP entry check.

<Sysname> system-view

[Sysname] arp check enable

arp check log enable

Use arp check log enable to enable the ARP logging feature.

Use undo arp check log enable to disable the ARP logging feature.

Syntax

arp check log enable

undo arp check log enable

Default

ARP logging is disabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

This feature enables a device to log ARP events when ARP cannot resolve IP addresses correctly. The log information helps administrators locate and solve problems. The device can log the following ARP events:

· On a proxy ARP-disabled interface, the target IP address of a received ARP packet is not one of the following IP addresses:

¡ The IP address of the receiving interface.

¡ The virtual IP address of the VRRP group.

¡ The public IP address after NAT.

· The sender IP address of a received ARP reply conflicts with one of the following IP addresses:

¡ The IP address of the receiving interface.

¡ The virtual IP address of the VRRP group.

¡ The public IP address after NAT.

The device sends ARP log messages to the information center. You can use the info-center source command to specify the log output rules for the information center. For more information about information center, see Network Management and Monitoring Configuration Guide.

The device can generate a large number of ARP logs. To conserve system resources, enable ARP logging only when you are auditing or troubleshooting ARP events.

Examples

# Enable ARP logging.

<Sysname> system-view

[Sysname] arp check log enable

arp ip-unnumbered learning enable

Use arp ip-unnumbered learning enable to enable an IP unnumbered interface to learn ARP entries for different subnets.

Use undo arp ip-unnumbered learning enable to disable an IP unnumbered interface from learning ARP entries for different subnets.

Syntax

arp ip-unnumbered learning enable

undo arp ip-unnumbered learning enable

Default

An IP unnumbered interface cannot learn ARP entries for different subnets.

Views

Interface view

Predefined user roles

network-admin

Usage guidelines

An IP unnumbered interface cannot learn the ARP entry of the peer device if the unnumbered interface and the peer device are on different subnets. To ensure communication between them, you can enable this feature on the IP unnumbered interface.

This feature takes effect only on an interface configured with the ip address unnumbered command. This interface is an unnumbered interface and borrows the IP address from another interface.

If an IP unnumbered interface is disabled from learning ARP entries for different subnets, existing ARP entries learned for different subnets are deleted after they age out.

Examples

# Configure GigabitEthernet 1/0/1 to borrow the IP address of GigabitEthernet 1/0/2, and enable GigabitEthernet 1/0/1 to learn ARP entries for different subnets.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] ip address unnumbered interface gigabitethernet 1/0/2

[Sysname-GigabitEthernet1/0/1] arp ip-unnumbered learning enable

Related commands

ip address unnumbered

arp max-learning-num

Use arp max-learning-num to set the dynamic ARP learning limit for an interface.

Use undo arp max-learning-num to restore the default.

Syntax

arp max-learning-num max-number

undo arp max-learning-num

Default

An interface can learn a maximum of 16384 dynamic ARP entries.

Views

Layer 2 Ethernet interface view

Layer 2 aggregate interface view

Layer 3 Ethernet interface view

Layer 3 Ethernet subinterface view

Layer 3 aggregate interface view

Layer 3 aggregate subinterface view

VLAN interface view

Predefined user roles

network-admin

Parameters

max-number: Specifies the maximum number of dynamic ARP entries for an interface. The value range for this argument is 0 to 16384.

Usage guidelines

An interface can dynamically learn ARP entries. To prevent an interface from holding too many ARP entries, you can set the maximum number of dynamic ARP entries that the interface can learn. When the maximum number is reached, the interface stops learning ARP entries.

When the number argument is set to 0, the interface is disabled from learning dynamic ARP entries.

Examples

# Specify VLAN-interface 40 to learn a maximum of 10 dynamic ARP entries.

<Sysname> system-view

[Sysname] interface vlan-interface 40

[Sysname-Vlan-interface40] arp max-learning-num 10

# Specify GigabitEthernet 1/0/1 to learn a maximum of 10 dynamic ARP entries.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] arp max-learning-num 10

# Specify Layer 2 aggregate interface Bridge-Aggregation 1 to learn a maximum of 10 dynamic ARP entries.

<Sysname> system-view

[Sysname] interface bridge-aggregation 1

[Sysname-Bridge-Aggregation1] arp max-learning-num 10

# Specify Layer 3 aggregate interface Route-Aggregation 1 to learn a maximum of 10 dynamic ARP entries.

<Sysname> system-view

[Sysname] interface route-aggregation 1

[Sysname-Route-Aggregation1] arp max-learning-num 10

arp max-learning-number

Use arp max-learning-number to set the dynamic ARP learning limit for a device.

Use undo arp max-learning-number to restore the default.

Syntax

In standalone mode:

arp max-learning-number max-number slot slot-number

undo arp max-learning-number slot slot-number

In IRF mode:

arp max-learning-number max-number chassis chassis-number slot slot-number

undo arp max-learning-number chassis chassis-number slot slot-number

Default

The device can learn a maximum of 16384 dynamic ARP entries.

Views

System view

Predefined user roles

network-admin

Parameters

max-number: Specifies the maximum number of dynamic ARP entries for a device. The value range for this argument is 0 to 16384.

slot slot-number: Specifies a card by its slot number. (In standalone mode.)

chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. (In IRF mode.)

Usage guidelines

A device can dynamically learn ARP entries. To prevent a device from holding too many ARP entries, you can set the maximum number of dynamic ARP entries that the device can learn. When the maximum number is reached, the device stops learning ARP entries.

When the number argument is set to 0, the device is disabled from learning dynamic ARP entries.

Examples

# Set the ARP learning limit to 64 for slot 1.

<Sysname> system-view

[Sysname] arp max-learning-number 64 slot 1

arp static

Use arp static to configure a static ARP entry.

Use undo arp to delete an ARP entry.

Syntax

arp static ip-address mac-address [ vlan-id interface-type interface-number | interface-type interface-number interface-type interface-number | vsi-interface vsi-interface-id tunnel number vsi vsi-name ] [ vpn-instance vpn-instance-name ]

undo arp ip-address [ vpn-instance-name ]

Default

No static ARP entries exist.

Views

System view

Predefined user roles

network-admin

Parameters

ip-address: Specifies an IP address for the static ARP entry.

mac-address: Specifies a MAC address for the static ARP entry, in the format of H-H-H.

vlan-id: Specifies the ID of a VLAN to which the static ARP entry belongs. The value range is 1 to 4094.

interface-type interface-number : Specifies an interface by its type and number.

vsi-interface vsi-interface-id: Specifies a VSI interface by its number. The value range for the vsi-interface-id argument is 0 to 8191.

tunnel number: Specifies a tunnel interface by its number. The value range for the number argument is 0 to 10239.

vsi vsi-name: Specifies a VSI by its name, a case-sensitive string of 1 to 31 characters.

vpn-instance vpn-instance-name: Specifies an MPLS L3VPN instance to which the static ARP entry belongs. The vpn-instance-name argument represents the VPN instance name, a case-sensitive string of 1 to 31 characters. The VPN instance must already exist. To specify a static ARP entry on the public network, do not specify this option.

Usage guidelines

A static ARP entry is manually configured and maintained. It does not age out and cannot be overwritten by any dynamic ARP entry.

Static ARP entries can be short or long.

A resolved short static ARP entry becomes unresolved upon certain events, for example, when the resolved output interface goes down, or the corresponding VLAN or VLAN interface is deleted.

Long static ARP entries are effective or ineffective. Ineffective long static ARP entries cannot be used for packet forwarding. A long static ARP entry is ineffective when any of the following conditions exists:

· The corresponding VLAN interface or output interface is down.

· The IP address in the entry conflicts with a local IP address.

· No local interface has an IP address in the same subnet as the IP address in the ARP entry.

If you specify the vlan-id interface-type interface-number argument, follow these restrictions and guidelines:

· The interface can be an Ethernet interface or an aggregate interface.

· The VLAN and VLAN interface must already exist. The specified Ethernet interface must belong to the specified VLAN.

· The IP address of the VLAN interface and the IP address specified by the ip-address argument must be on the same network.

· If a VLAN or VLAN interface is deleted, a long static ARP entry for the VLAN is deleted and a resolved short static ARP entry for the VLAN becomes unresolved.

On a PE-agg device that provides L2VPN access to the L3VPN network, an L3VE interface (input interface) might be connected to multiple L2VE subinterfaces (output interfaces). In this case, to configure a long static ARP entry, you must specify the interface-type interface-number interface-type interface-number argument to identify the mapping between input and output interfaces. For more information about L2VE interfaces and L3VE interfaces, see MPLS Configuration Guide.

On a VXLAN IP gateway that forwards traffic among VXLANs through VXLAN tunnels, a VSI interface can act as the gateway for multiple VXLANs. The VSI interface (input interface) might be connected to multiple VXLAN tunnel interfaces (output interfaces). In this case, you must specify the vsi-interface vsi-interface-id tunnel number vsi vsi-name parameters to identify a VSI interface-VSI-VXLAN tunnel interface binding. For more information about VSI interfaces, VSI, and VXLAN tunnel interfaces, see VXLAN Configuration Guide.

Examples

# Configure a long static ARP entry that contains IP address 202.38.10.2, MAC address 00e0-fc01-0000, and output interface GigabitEthernet 1/0/1 in VLAN 10.

<Sysname> system-view

[Sysname] arp static 202.38.10.2 00e0-fc01-0000 10 gigabitethernet 1/0/1

# Configure a long static ARP entry that contains IP address 1.1.1.1, MAC address 00e0-fc01-0000, input interface VE-L3VPN 1, and output interface VE-L2VPN 1.1.

<Sysname> system-view

[Sysname] arp static 1.1.1.1 00e0-fc01-0000 ve-l3vpn 1 ve-l2vpn 1.1

# Configure a long static ARP entry that contains IP address 1.1.1.1, MAC address 00e0-fc01-0000, input interface VSI-interface 1, output interface Tunnel 1, and the VSI a.

<Sysname> system-view

[Sysname] arp static 1.1.1.1 00e0-fc01-0000 vsi-interface 1 tunnel 1 vsi a

Related commands

display arp

reset arp

arp timer aging

Use arp timer aging to set the aging timer for dynamic ARP entries.

Use undo arp timer aging to restore the default.

Syntax

arp timer aging aging-time

undo arp timer aging

Default

The aging timer for dynamic ARP entries is 20 minutes.

Views

System view

Predefined user roles

network-admin

Parameters

aging-time: Specifies the aging timer in minutes. The value range for this argument is 1 to 1440.

Usage guidelines

Each dynamic ARP entry in the ARP table has a limited lifetime, called an aging timer. The aging timer of a dynamic ARP entry is reset each time the dynamic ARP entry is updated. Dynamic ARP entries that are not updated before their aging timers expire are deleted from the ARP table.

Set the aging timer for dynamic ARP entries as needed. For example, when you configure proxy ARP, set a short aging time so that invalid dynamic ARP entries can be deleted in a timely manner.

Examples

# Set the aging timer for dynamic ARP entries to 10 minutes.

<Sysname> system-view

[Sysname] arp timer aging 10

Related commands

display arp timer aging

display arp

Use display arp to display ARP entries.

Syntax

In standalone mode:

In IRF mode:

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

all: Displays all ARP entries.

dynamic: Displays dynamic ARP entries.

static: Displays static ARP entries.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays ARP entries for the active MPU. (In standalone mode.)

vlan vlan-id: Specifies a VLAN by its VLAN ID. The VLAN ID is in the range of 1 to 4094.

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays ARP entries for all interfaces.

verbose: Displays detailed information about ARP entries.

Usage guidelines

This command displays information about ARP entries, including the IP address, MAC address, VLAN ID, output interface, entry type, and aging timer.

Examples

# Display all ARP entries.

<Sysname> display arp all

Type: S-Static D-Dynamic O-Openflow R-Rule I-Invalid

IP address MAC address SVLAN/VSI Interface/Link ID Aging Type

1.1.1.1 02e0-f102-0023 1 GE1/0/1 -- S

1.1.1.2 00e0-fc00-0001 12 GE1/0/2 16 D

1.1.1.3 00e0-fe50-6503 12 Tunnel1 960 D

# Display detailed information about all ARP entries.

<Sysname> display arp all verbose

Type: S-Static D-Dynamic O-Openflow R-Rule I-Invalid

IP address : 1.1.1.1 MAC address : 02e0-f102-0023

Type : Static Aging : --

Interface : GE1/0/1 SVLAN/CVLAN : 1/--

VPN instance : --

Link ID : --

VXLAN ID : --

VSI name : --

VSI interface : --

MPLS PW ID : --

MPLS peer PE address: --

Nickname : 0x0000

IP address : 1.1.1.2 MAC address : 00e0-fc00-0001

Type : Dynamic Aging : 16 min

Interface : GE1/0/2 SVLAN/CVLAN : 12/--

VPN instance : --

Link ID : --

VXLAN ID : --

VSI name : --

VSI interface : --

MPLS PW ID : --

MPLS peer PE address: --

Nickname : 0x0000

IP address : 1.1.1.3 MAC address : 00e0-fe50-6503

Type : Dynamic Aging : 16 min

Interface : Tunnel1 SVLAN/CVLAN : 12/--

VPN instance : --

Link ID : --

VXLAN ID : --

VSI name : --

VSI interface : --

MPLS PW ID : --

MPLS peer PE address: --

Nickname : 0x0000

# Display the number of all ARP entries.

<Sysname> display arp all count

Total number of entries : 3

Table 1 Command output

Field	Description
IP address	IP address in an ARP entry.
MAC address	MAC address in an ARP entry.
SVLAN/VSI	ID of the VLAN or index of the VSI to which the ARP entry belongs. This field displays hyphens (--) in either of the following situations: · The ARP entry is an unresolved short static ARP entry. · The output interface of the ARP entry does not belong to the VLAN or VSI.
Interface	Output interface in the ARP entry. This field displays hyphens (--) in either of the following situations: The ARP entry is an unresolved short static ARP entry.
Link ID	Link ID in the ARP entry. This field displays hyphens (--) if the ARP entry does not belong to any VSI.
Aging	Aging time for an ARP entry in minutes. For a static ARP entry, this field always displays hyphens (--). The static ARP entry never ages out unless you delete it manually. For a dynamic ARP entry, this field displays hyphens (--) if the aging time is unknown.
Type	ARP entry type: · D—Dynamic. · S—Static. · O—OpenFlow. · R—Rule. · I—Invalid.
SVLAN/CVLAN	ID of the SVLAN or CVLAN to which the ARP entry belongs. This field displays hyphens (--) in either of the following situations: · The ARP entry is an unresolved short static ARP entry. · The output interface of the ARP entry does not belong to a SVLAN or CVLAN.
VPN instance	Name of VPN instance. If no VPN instance is configured for the ARP entry, this field displays hyphens (--).
VXLAN ID	ID of the VXLAN to which the ARP entry belongs. VXLAN ID is also called VNI. If the ARP entry does not belong to any VXLAN, this field displays hyphens (--).
VSI name	Name of the VSI to which the ARP entry belongs. If the ARP entry does not belong to any VSI, this field displays hyphens (--).
VSI interface	Name of the gateway interface of the VSI. If no gateway interface is specified for the VSI, this field displays hyphens (--).
MPLS PW ID	ID of the PW to which the ARP entry belongs. This field displays two hyphens (--) if the ARP entry does not belong to a PW.
MPLS peer PE address	IP address of the remote PE on the PW. This field displays two hyphens (--) if the ARP entry does not belong to a PW.
Nickname	This field is not supported in the current software version. Nickname of the ARP entry. The nickname is a string of four hexadecimal numbers, for example, 0x012a.
Total number of entries	Number of ARP entries.

Related commands

arp static

reset arp

display arp ip-address

Use display arp ip-address to display the ARP entry for an IP address.

Syntax

In standalone mode:

display arp ip-address [ slot slot-number ] [ verbose ]

In IRF mode:

display arp ip-address [ chassis chassis-number slot slot-number ] [ verbose ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

ip-address: Displays the ARP entry for the specified IP address.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays information for the active MPU. (In standalone mode.)

verbose: Displays the detailed information about the specified ARP entry.

Usage guidelines

The ARP entry information includes the IP address, MAC address, VLAN ID, output interface, entry type, and aging timer.

Examples

# Display the ARP entry for the IP address 20.1.1.1.

<Sysname> display arp 20.1.1.1

Type: S-Static D-Dynamic O-Openflow R-Rule M-Multiport I-Invalid

IP address MAC address SVLAN/VSI Interface/Link ID Aging Type

20.1.1.1 00e0-fc00-0001 -- -- -- S

Related commands

arp static

reset arp

display arp timer aging

Use display arp timer aging to display the aging timer of dynamic ARP entries.

Syntax

display arp timer aging

Views

Any view

Predefined user roles

network-admin

network-operator

Examples

# Display the aging timer of dynamic ARP entries.

<Sysname> display arp timer aging

Current ARP aging time is 20 minute(s)(default)

Related commands

arp timer aging

display arp vpn-instance

Use display arp vpn-instance to display the ARP entries for a VPN instance.

Syntax

display arp vpn-instance vpn-instance-name [ count ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vpn-instance-name: Specifies an MPLS L3VPN instance by its name, a case-sensitive string of 1 to 31 characters. The VPN instance name cannot contain any spaces.

Usage guidelines

This command displays information about ARP entries for a VPN instance, including the IP address, MAC address, VLAN ID, output interface, entry type, and aging timer.

Examples

# Display ARP entries for VPN instance test.

<Sysname> display arp vpn-instance test

Type: S-Static D-Dynamic O-Openflow R-Rule M-Multiport I-Invalid

IP address MAC address SVLAN/VSI Interface/Link ID Aging Type

20.1.1.1 00e0-fc00-0001 -- -- -- S

Related commands

arp static

reset arp

Use reset arp to clear ARP entries from the ARP table.

Syntax

In standalone mode:

reset arp { all | dynamic | interface interface-type interface-number | slot slot-number | static }

In IRF mode:

reset arp { all | chassis chassis-number slot slot-number | dynamic | interface interface-type interface-number | static }

Views

User view

Predefined user roles

network-admin

Parameters

all: Clears all ARP entries.

dynamic: Clears all dynamic ARP entries.

static: Clears all static ARP entries.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command clears ARP entries for the active MPU. (In standalone mode.)

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command clears ARP entries for all interfaces.

Examples

# Clear all static ARP entries.

<Sysname> reset arp static

Related commands

arp static

display arp

Gratuitous ARP commands

arp ip-conflict log prompt

Use arp ip-conflict log prompt to enable IP conflict notification.

Use undo arp ip-conflict log prompt to restore the default.

Syntax

arp ip-conflict log prompt

undo arp ip-conflict log prompt

Default

IP conflict notification is disabled.

Views

System view

Predefined user roles

network-admin

Examples

# Enable IP conflict notification on the device.

<Sysname> system-view

[Sysname] arp ip-conflict log prompt

arp send-gratuitous-arp

Use arp send-gratuitous-arp to enable periodic sending of gratuitous ARP packets on an interface.

Use undo arp send-gratuitous-arp to disable the interface from periodically sending gratuitous ARP packets.

Syntax

arp send-gratuitous-arp [ interval interval ]

undo arp send-gratuitous-arp

Default

Periodic sending of gratuitous ARP packets is disabled.

Views

Layer 3 Ethernet interface view

Layer 3 Ethernet subinterface view

Layer 3 aggregate interface view

Layer 3 aggregate subinterface view

VLAN interface view

Predefined user roles

network-admin

Parameters

interval interval: Specifies the sending interval in the range of 200 to 200000 milliseconds. The default value is 2000 milliseconds.

Usage guidelines

This feature takes effect on an interface only when the interface has an IP address and the data link layer state of the interface is up.

This feature can send gratuitous ARP requests only for a VRRP virtual IP address, or the sending interface's primary IP address or manually configured secondary IP address. The primary IP address can be configured manually or automatically, whereas the secondary IP address must be configured manually.

If you change the sending interval for gratuitous ARP packets, the configuration takes effect at the next sending interval.

The sending interval for gratuitous ARP packets might be much longer than the set interval when any of the following conditions exist:

· This feature is enabled on multiple interfaces.

· Each interface is configured with multiple secondary IP addresses.

· A small sending interval is configured in the preceding cases.

Examples

# Enable GigabitEthernet 1/0/1 to send gratuitous ARP packets every 300 milliseconds.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] arp send-gratuitous-arp interval 300

gratuitous-arp mac-change retransmit

Use gratuitous-arp mac-change retransmit to set the times and the interval for retransmitting a gratuitous ARP packet for the device MAC address change.

Use undo gratuitous-arp mac-change retransmit to restore the default.

Syntax

gratuitous-arp mac-change retransmit times interval seconds

undo gratuitous-arp mac-change retransmit

Default

The device sends a gratuitous packet for its MAC address change once only.

Views

System view

Predefined user roles

network-admin

Parameters

times: Specifies the times of retransmitting a gratuitous packet, in the range of 1 to 10.

interval seconds: Specifies the interval for retransmitting a gratuitous packet, in the range of 1 to 10 seconds.

Usage guidelines

The device sends a gratuitous ARP packet to inform other devices of its MAC address change. However, the other devices might fail to receive the packet because the device sends the gratuitous ARP packet once only by default. Use this command to configure gratuitous ARP retransmission parameters to ensure that the other devices can receive the packet.

After you execute this command, the device will retransmit a gratuitous ARP packet for its MAC address change at the specified interval for the specified times.

Examples

# Set the times to 3 and the interval to 5 for retransmitting a gratuitous ARP packet for the device MAC address change.

<Sysname> system-view

[Sysname] gratuitous-arp mac-change retransmit 3 interval 5

gratuitous-arp-learning enable

Use gratuitous-arp-learning enable to enable learning of gratuitous ARP packets.

Use undo gratuitous-arp-learning enable to disable learning of gratuitous ARP packets.

Syntax

gratuitous-arp-learning enable

undo gratuitous-arp-learning enable

Default

Learning of gratuitous ARP packets is enabled.

Views

System view

Predefined user roles

network-admin

Usage guidelines

The learning of gratuitous ARP packets feature allows a device to maintain its ARP table by creating or updating ARP entries based on received gratuitous ARP packets.

When this feature is disabled, the device uses received gratuitous ARP packets to update existing ARP entries only. ARP entries are not created based on the received gratuitous ARP packets, which saves ARP table space.

Examples

# Enable learning of gratuitous ARP packets.

<Sysname> system-view

[Sysname] gratuitous-arp-learning enable

gratuitous-arp-sending enable

Use gratuitous-arp-sending enable to enable sending gratuitous ARP packets upon receiving ARP requests whose sender IP address is on a different subnet.

Use undo gratuitous-arp-sending enable to disable sending gratuitous ARP packets upon receiving ARP requests whose sender IP address is on a different subnet.

Syntax

gratuitous-arp-sending enable

undo gratuitous-arp-sending enable

Default

A device does not send gratuitous ARP packets when it receives ARP requests whose sender IP address is on a different subnet.

Views

System view

Predefined user roles

network-admin

Examples

# Disable a device from sending gratuitous ARP packets upon receiving ARP requests whose sender IP address is on a different subnet.

<Sysname> system-view

[Sysname] undo gratuitous-arp-sending enable

Proxy ARP commands

display local-proxy-arp

Use display local-proxy-arp to display the local proxy ARP status.

Syntax

display local-proxy-arp [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the local proxy ARP status for all interfaces.

Usage guidelines

You can use this command to check whether local proxy ARP is enabled or disabled.

Examples

# Display the local proxy ARP status for GigabitEthernet 1/0/1.

<Sysname> display local-proxy-arp interface gigabitethernet 1/0/1

Interface GigabitEthernet1/0/1

Local Proxy ARP status: enabled

Related commands

local-proxy-arp enable

display proxy-arp

Use display proxy-arp to display the proxy ARP status.

Syntax

display proxy-arp [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays the proxy ARP status for all interfaces.

Usage guidelines

You can use this command to check whether proxy ARP is enabled or disabled.

Examples

# Display the proxy ARP status on GigabitEthernet 1/0/1.

<Sysname> display proxy-arp interface gigabitethernet 1/0/1

Interface GigabitEthernet1/0/1

Proxy ARP status: disabled

Related commands

proxy-arp enable

local-proxy-arp enable

Use local-proxy-arp enable to enable local proxy ARP.

Use undo local-proxy-arp enable to disable local proxy ARP.

Syntax

local-proxy-arp enable [ ip-range start-ip-address to end-ip-address ]

undo local-proxy-arp enable

Default

Local proxy ARP is disabled.

Views

Layer 3 Ethernet interface view

Layer 3 Ethernet subinterface view

Layer 3 aggregate interface view

Layer 3 aggregate subinterface view

VLAN interface view

Predefined user roles

network-admin

Parameters

ip-range start-ip-address to end-ip-address: Specifies the IP address range for which local proxy ARP is enabled. The start IP address must be lower than or equal to the end IP address.

Usage guidelines

Proxy ARP enables a device on a network to answer ARP requests for an IP address not on that network. With proxy ARP, hosts in different broadcast domains can communicate with each other as they do on the same network.

Proxy ARP includes common proxy ARP and local proxy ARP.

Common proxy ARP allows communication between hosts that connect to different Layer 3 interfaces and reside in different broadcast domains.

Local proxy ARP allows communication between hosts that connect to the same Layer 3 interface and reside in different broadcast domains.

If you execute this command multiple times, the most recent configuration takes effect.

Examples

# Enable local proxy ARP on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] local-proxy-arp enable

# Enable local proxy ARP on GigabitEthernet 1/0/1 for an IP address range.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] local-proxy-arp enable ip-range 1.1.1.1 to 1.1.1.20

Related commands

display local-proxy-arp

proxy-arp enable

Use proxy-arp enable to enable proxy ARP.

Use undo proxy-arp enable to disable proxy ARP.

Syntax

proxy-arp enable

undo proxy-arp enable

Default

Proxy ARP is disabled.

Views

Layer 3 Ethernet interface view

Layer 3 Ethernet subinterface view

Layer 3 aggregate interface view

Layer 3 aggregate subinterface view

VLAN interface view

Predefined user roles

network-admin

Usage guidelines

Proxy ARP includes common proxy ARP and local proxy ARP.

Common proxy ARP allows communication between hosts that connect to different Layer 3 interfaces and reside in different broadcast domains.

Local proxy ARP allows communication between hosts that connect to the same Layer 3 interface and reside in different broadcast domains.

Examples

# Enable proxy ARP on GigabitEthernet 1/0/1.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] proxy-arp enable

Related commands

display proxy-arp

ARP snooping commands

arp snooping enable

Use arp snooping enable to enable ARP snooping.

Use undo arp snooping enable to disable ARP snooping.

Syntax

arp snooping enable

undo arp snooping enable

Default

ARP snooping is disabled.

Views

VLAN view

Predefined user roles

network-admin

Examples

# Enable ARP snooping for VLAN 2.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] arp snooping enable

display arp snooping

Use display arp snooping to display ARP snooping entries.

Syntax

In standalone mode:

display arp snooping [ vlan vlan-id ] [ slot slot-number ] [ count ]

display arp snooping ip ip-address [ slot slot-number ]

In IRF mode:

display arp snooping [ vlan vlan-id ] [ chassis chassis-number slot slot-number ] [ count ]

display arp snooping ip ip-address [ chassis chassis-number slot slot-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

vlan vlan-id: Displays ARP snooping entries for a VLAN. The vlan-id argument is in the range of 1 to 4094.

ip ip-address: Displays the ARP snooping entry for the specified IP address.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays ARP snooping entries for the active MPU. (In standalone mode.)

Examples

# Display ARP snooping entries for VLAN 2.

<Sysname> display arp snooping vlan 2

IP Address MAC Address VLAN ID Interface Aging Status

3.3.3.3 0003-0003-0003 2 GE1/0/1 20 Valid

3.3.3.4 0004-0004-0004 2 GE1/0/2 5 Invalid

# Display the number of the ARP snooping entries.

<Sysname> display arp snooping count

Total entries: 2

Table 2 Command output

Field	Description
IP Address	IP address in an ARP snooping entry.
MAC Address	MAC address in an ARP snooping entry.
VLAN ID	ID of the VLAN to which the ARP snooping entry belongs.
Interface	Input interface in an ARP snooping entry.
Aging	Aging time for an ARP snooping entry in minutes. If the card learns an ARP snooping entry from another card, the card cannot learn the aging time of the entry, and this field displays N/A.
Status	Status of an ARP snooping entry: Valid, Invalid, Collision.
Total entries	Number of ARP snooping entries.

Related commands

reset arp snooping

Use reset arp snooping to delete ARP snooping entries.

Syntax

reset arp snooping [ ip ip-address | vlan vlan-id ]

Views

User view

Predefined user roles

network-admin

Parameters

ip ip-address: Deletes the ARP snooping entry for the specified IP address.

vlan vlan-id: Deletes ARP snooping entries for the specified VLAN. The value range for the vlan-id argument is 1 to 4094.

Usage guidelines

If you do not specify any option, the command deletes all ARP snooping entries.

Examples

# Delete ARP snooping entries for VLAN 2.

<Sysname> reset arp snooping vlan 2

Related commands

display arp snooping

ARP fast-reply commands

arp fast-reply enable

Use arp fast-reply enable to enable ARP fast-reply for a VLAN.

Use undo arp fast-reply enable to disable ARP fast-reply for a VLAN.

Syntax

arp fast-reply enable

undo arp fast-reply enable

Default

ARP fast-reply is disabled on a VLAN.

Views

VLAN view

Predefined user roles

network-admin

Examples

# Enable ARP fast-reply for VLAN 2.

<Sysname> system-view

[Sysname] vlan 2

[Sysname-vlan2] arp fast-reply enable

ARP PnP commands

arp pnp

Use arp pnp to enable the ARP plug and play (PnP) feature.

Use undo arp pnp to disable the ARP PnP feature.

Syntax

arp pnp

undo arp pnp

Default

The ARP PnP feature is disabled.

Views

Layer 3 Ethernet interface view

Layer 3 Ethernet subinterface view

Predefined user roles

network-admin

Usage guidelines

This command is typically configured on a gateway. The ARP PnP feature allows end users to access the gateway without changing their IP addresses on subnets different from the subnet where the gateway resides.

To make ARP PnP operate correctly on an interface, make sure the following requirements are met:

· The interface has a primary IP address.

· NAT is configured on the interface that connects to the external network.

· ARP entries on the interface are all deleted by using the reset arp command before you enable the ARP PnP feature.

The ARP PnP feature generates agent IP addresses based on the primary IP address and mask length of the interface. The maximum number of agent IP addresses allowed on an interface is the smaller value of the following items:

· The device's limit on the maximum number of agent IP addresses on the interface.

· The maximum number of host IP addresses allowed by the mask length. The interface's primary IP address is excluded. For example, if the mask length is 24, a maximum of 253 agent IP addresses can be generated.

Features that use ARP entries, for example, static routes and proxy ARP, cannot operate correctly when the ARP PnP feature is enabled.

Examples

# Enable the ARP PnP feature.

<Sysname> system-view

[Sysname] interface gigabitethernet 1/0/1

[Sysname-GigabitEthernet1/0/1] arp pnp

display arp pnp

Use display arp pnp to display ARP PnP mappings.

Syntax

display arp pnp [ interface interface-type interface-number ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, the command displays ARP PnP mappings for all interfaces.

Examples

# Display all ARP PnP mappings.

<Sysname> display arp pnp

Total number of entries : 5

Agent IP address User IP address MAC address Interface Aging

1.1.1.2 20.1.1.1 00e0-fc00-0001 GE1/0/1 10

1.1.1.3 193.1.1.70 00e0-fe50-6503 GE1/0/1 5

2.2.2.2 192.168.0.115 000d-88f7-9f7d GE1/0/2 11

3.3.3.3 192.168.0.39 0012-a990-2241 GE1/0/3 5

3.3.3.4 22.1.1.1 000c-299d-c041 GE1/0/3 14

# Display ARP PnP mappings on GigabitEthernet 1/0/1.

<Sysname> display arp pnp interface gigabitethernet 1/0/1

Total number of entries : 2

Agent IP address User IP address MAC address Interface Aging

1.1.1.2 20.1.1.1 00e0-fc00-0001 GE1/0/1 10

1.1.1.3 193.1.1.70 00e0-fe50-6503 GE1/0/1 5

Table 3 Command output

Field	Description
Agent IP address	Agent IP address the ARP PnP feature generates for the user.
User IP address	IP address of the user.
MAC address	MAC address of the user.
Interface	Interface that connects to the user.
Aging	Aging time (in minutes) of the mapping.

ARP suppression commands

arp suppression enable

Use arp suppression enable to enable ARP suppression.

Use undo arp suppression enable to disable ARP suppression.

Syntax

arp suppression enable

undo arp suppression enable

Default

ARP suppression is disabled.

Views

Cross-connect view

Predefined user roles

network-admin

Usage guidelines

You must enable L2VPN before you enter cross-connect view.

Examples

# Enable ARP suppression for cross-connect 2 in cross-connect group 1.

<Sysname> system-view

[Sysname] xconnect-group 1

[Sysname-xcg-1] connection 2

[Sysname-xcg-1-2] arp suppression enable

Related commands

arp suppression push interval

Use arp suppression push interval to enable the ARP suppression push feature and set a push interval.

Use undo arp suppression push interval to disable the ARP suppression push feature.

Syntax

arp suppression push interval interval

undo arp suppression push interval

Default

The ARP suppression push feature is disabled.

Views

System view

Predefined user roles

network-admin

Parameters

interval: Specifies a push interval for ARP suppression, in the range of 1 to 1440 minutes.

Usage guidelines

The ARP suppression push feature regularly pushes ARP suppression entries by broadcasting gratuitous ARP packets.

Examples

# Configure the device to push ARP suppression entries every 2 minutes.

<Sysname> system-view

[Sysname] arp suppression push interval 2

Related commands

arp suppression enable

display arp suppression xconnect-group

Use display arp suppression xconnect-group to display ARP suppression entries.

Syntax

In standalone mode:

display arp suppression xconnect-group [ name group-name ] [ slot slot-number ] [ count ]

In IRF mode:

display arp suppression xconnect-group [ name group-name ] [ chassis chassis-number slot slot-number ] [ count ]

Views

Any view

Predefined user roles

network-admin

network-operator

Parameters

name group-name: Specifies a cross-connect group by its name, a case-sensitive string of 1 to 31 characters excluding hyphens (-). If you do not specify a cross-connect group, this command display ARP suppression entries for all cross-connect groups.

slot slot-number: Specifies a card by its slot number. If you do not specify a card, this command displays ARP suppression entries for the active MPU. (In standalone mode.)

Examples

# Display ARP suppression entries for all cross-connect groups.

<Sysname> display arp suppression xconnect-group

IP address MAC address Xconnect-group Connection Aging

100.1.1.1 000c-29fe-5a8f vpna svc 12

100.1.1.2 000c-29fe-5aa3 vpna svc 25

# Display the total number of ARP suppression entries.

<Sysname> display arp suppression xconnect-group count

Total entries: 2

Table 4 Command output

Field	Description
IP address	IP address in the ARP suppression entry.
MAC address	MAC address in the ARP suppression entry.
Xconnect-group	Name of the cross-connect group to which the ARP suppression entry belongs.
Connection	Name of the cross-connect to which the ARP suppression entry belongs.
Aging	Aging time of the ARP suppression entry, in minutes.

Related commands

reset arp suppression xconnect-group

Use reset arp suppression xconnect-group to clear dynamic ARP suppression entries.

Syntax

reset arp suppression xconnect-group [ name group-name ]

Views

User view

Predefined user roles

network-admin

Parameters

name group-name: Specifies a cross-connect group by its name, a case-sensitive string of 1 to 31 characters excluding hyphens (-). If you do not specify a cross-connect group, this command clears dynamic ARP suppression entries for all cross-connect groups.

Examples

# Clear dynamic ARP suppression entries for all cross-connect groups.

<Sysname> reset arp suppression xconnect-group

Related commands

display arp suppression xconnect-group

ARP direct route advertisement commands

arp route-direct advertise

Use arp route-direct advertise to enable ARP direct route advertisement.

Use undo arp route-direct advertise to disable ARP direct route advertisement.

Syntax

arp route-direct advertise

undo arp route-direct advertise

Default

ARP direct route advertisement is disabled.

Views

L3VE interface view

Predefined user roles

network-admin

Examples

# Enable ARP direct route advertisement on L3VE interface VE-L3VPN 1.

<Sysname> system-view

[Sysname] interface ve-l3vpn 1

[Sysname-VE-L3VPN1] arp route-direct advertise

07-Layer 3—IP Services Command Reference

arp static

arp timer aging

display arp ip-address

display arp vpn-instance

reset arp

gratuitous-arp-learning enable

display local-proxy-arp

display proxy-arp

local-proxy-arp enable

ARP snooping commands

display arp snooping

reset arp snooping

ARP fast-reply commands

ARP suppression commands

ARP direct route advertisement commands

Cloud & AI

InterConnect

Intelligent Terminal Products

Product Support Services

Technical Service Solutions

Resource Center

Policy

Online Help

Become a Partner

Partner Resources

Partner Business Management

Company Information

News & Events

Contact Us