No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.

Knowledge Base

Static MAC Entry in the ARP Table Does Not Take Effect Because ARP Binding Is Not Bound to the Interface on the NE40

Publication Date:  2012-07-27  |   Views:  161  |   Downloads:  0  |   Author:  w91491  |   Document ID:  EKB0000325946


Issue Description

In the network attached to the NE40, a PC attacks the network. Therefore, it is required to configure ARP binding of the PC. In the system view, however, when ARP binding is configured, there are two MAC addresses corresponding to the IP address in the ARP entry. One is static and the other is dynamically learnt. That is, ARP binding fails.
The configuration is as follows:

arp static 0018-8b89-d949 vpn-instance YNBTN_CAIWUThe corresponding entry is as follows:
IP Address      MAC Address     VlanID Type VPN-Instance  Interface       0018-8b89-d949         S   YNBTN_CAIWU             0050-8bb3-c8b3  98     D    YNBTN_CAIWU    Eth8/0/1  
The above information shows that the interface eth 8/0/1 learns the incorrect MAC address corresponding to As a result, the PC still attacks the network by using forged MAC addresses. 


Alarm Information


Handling Process

Associate ARP binding with the interface and then there is only the static MAC address in the ARP entry. The configuration is as follows:
arp static 0018-8b89-d949 vid 98 interface ethernet 8/0/1

Root Cause

ARP binding is not associated with the interface. As a result, ARP binding fails.  


When an IP address is bound to a MAC address, the binding must be associated with an interface. The related command is: static ip-address mac-address vid vlan-id interface interface-type interface-numberThe command is applicable for VRP5.3.