OcNOS-RON : System Management Guide : System Management Configuration Guide : Access Control Lists Configurations : ARP ACL Overview
ARP ACL Overview
ARP ACL can be used to permit or deny the ARP packets, based on the ARP request or response option configured.
Topology
Figure 21-31: ARP ACL Sample Topology
ARP ACL Configuration
 
#configure terminal
Enter configure mode.
(config)#interface ge4
Enter interface mode.
(config-if)#ip address 11.11.11.11/24
Assign IPv4 address.
(config-if)#exit
Exit access list mode.
(config)#mac access-list mac1
Enter mac access list mode.
(config-mac-acl)#permit 0000.3ae0.456d 0000.0000.0000 any arp request
Create an access rule to permit specific ARP request.
(config-mac-acl)#permit 0000.3ae0.456d 0000.0000.0000 any arp response
Create an access rule to permit specific ARP response.
(config-mac-acl)#permit any any ipv4
Create an access rule to permit any IPv4 packet.
(config-mac-acl)#exit
Exit access list mode.
(config)#interface ge4
Enter interface mode.
(config-if)#mac access-group mac1 in
Apply access group mac1 for inbound traffic to the interface.
(config-if)#end
Exit interface and configure mode.
Validation
Use the commands below to assign IP address on IXIA and ping from IXIA.
#show mac access-lists
MAC access list mac1
10 permit host 0000.3AE0.456D any arp request [match=1]
20 permit host 0000.3AE0.456D any arp response [match=1]
30 permit any any ipv4 [match=1]
default deny-all
Last modified date: 08/28/2023