arp access-group

OcNOS-SP : System Management Guide : System Management Command Reference : Access Control List Commands : arp access-group

arp access-group

Use this command to attach an ARP access list to an interface to filter incoming ARP packets.

When you attach an ARP access list to a LAG interface as well as to a physical interface that is a member of that LAG interface, the priority order is:

1. LAG interface

2. Physical interface

Use the no form of this command to detach an ARP access group.

Note: An ARP access-list is supported only on switch ports.

Note: To attach an ARP access-group to an interface, the ingress-arp TCAM group should be enabled. See the hardware-profile filter command for details.

Command Syntax

arp access-group NAME in

no arp access-group NAME in

Parameters

NAME

ARP access list name

Command Mode

Interface mode

Applicability

This command was introduced in OcNOS version 3.0.

Example

#configure terminal

(config)#arp access-list arp1

(config-arp-acl)#permit ip any mac any

(config-arp-acl)#exit

(config)#interface xe1

(config-if)#arp access-group arp1 in

(config-if)#exit

(config)#interface xe1

(config-if)#no arp access-group arp1 in

(config-if)#exit

Last modified date: 10/19/2023