No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Static MAC Entry in the ARP Table Does Not Take Effect Because ARP Binding Is Not Bound to the Interface on the NE40

Publication Date:  2012-07-27 Views:  34 Downloads:  0
Issue Description

In the network attached to the NE40, a PC attacks the network. Therefore, it is required to configure ARP binding of the PC. In the system view, however, when ARP binding is configured, there are two MAC addresses corresponding to the IP address in the ARP entry. One is static and the other is dynamically learnt. That is, ARP binding fails.
The configuration is as follows:

arp static 192.168.101.2 0018-8b89-d949 vpn-instance YNBTN_CAIWUThe corresponding entry is as follows:
IP Address      MAC Address     VlanID Type VPN-Instance  Interface             
192.168.101.2   0018-8b89-d949         S   YNBTN_CAIWU                   
192.168.101.2   0050-8bb3-c8b3  98     D    YNBTN_CAIWU    Eth8/0/1  
The above information shows that the interface eth 8/0/1 learns the incorrect MAC address corresponding to 192.168.101.2. As a result, the PC still attacks the network by using forged MAC addresses. 

            
Alarm Information

Null

Handling Process

Associate ARP binding with the interface and then there is only the static MAC address in the ARP entry. The configuration is as follows:
arp static 192.168.101.2 0018-8b89-d949 vid 98 interface ethernet 8/0/1

Root Cause
ARP binding is not associated with the interface. As a result, ARP binding fails.  
Suggestions

When an IP address is bound to a MAC address, the binding must be associated with an interface. The related command is: static ip-address mac-address vid vlan-id interface interface-type interface-numberThe command is applicable for VRP5.3.

      

END