arp access-group

OcNOS-RON : System Management Guide : System Management Command Reference : Access Control List Commands (XGS) : arp access-group

arp access-group

Use this command to attach ARP access list to an interface to filter incoming ARP packets.

When you attach an access list to a VLAN interface or LAG interface as well as to a physical interface that is a member of that LAG and/or VLAN interface, the priority order is:

1. VLAN interface

2. LAG interface

3. Physical interface

For example, if you attach access lists to both a LAG interface and a physical interface that is a member of that LAG, matching traffic rules are applied to the LAG interface, but not to the physical interface.

Use the no form of this command to detach an ARP access group.

Note: To attach an ARP access-group to an interface, the ingress-arp TCAM group should be enabled. See the hardware-profile filter (XGS) command for more details.

Command Syntax

arp access-group NAME in

no arp access-group NAME in

Parameters

NAME

ARP Access list name

Command Mode

Interface mode

Applicability

This command was introduced in OcNOS version 1.3.6.

Example

#configure terminal

(config)#arp access-list ARP_ACL1

(config-arp-acl)#exit

(config)#interface xe1

(config-if)#arp access-group ARP_ACL1 in

(config-if)#no arp access-group ARP_ACL1 in

Last modified date: 08/28/2023