FAQ About ARP Security

Why Cannot ARP Entries Be Dynamically Migrated on the Switch?

Strict ARP Learning Is Enabled on the Switch, and a User Has Learned the Switch's ARP Entry. Why Cannot the Switch Learn the User ARP Entry by Pinging the User?

Why Cannot a DAI-enabled Switch Forward Valid ARP Packets at Line Rate?

DAI and EAI Are Enabled on a Switch. Why Can the Switch Forward ARP Packets Sent by Unauthorized Users to Request MAC Addresses of Authorized Users?

DAI Is Enabled on a Switch, and the Source MAC Address of an ARP Packet Is Checked Against the Source MAC Address in an Ethernet Frame Header. An ARP Packet with its Source MAC Address Different from that in the Ethernet Frame Header Can Pass the Check. Why?

Can the IP Address of a VLANIF Interface in a DAI-enabled VLAN Be Successfully Pinged?

How Can I Detect Whether ARP Attacks Are Occurring on the Device?

Can the Device Be Deployed with the ARP Anti-Attack Function?

How Can I Handle an ARP Learning Failure Caused by ARP Miss Messages?

How Can ARP Miss Logs and Alarms Be Disabled?

How Can I Prevent ARP Attacks Targeted at Static Users?

What Do I Do If the Device Receives a Large Number of ARP Request or Reply Packets?

Can the Device Prevent ARP Attacks After the ARP Anti-Attack Function Is Configured?

Parent Topic: ARP Security Configuration

Copyright © Huawei Technologies Co., Ltd.

Copyright © Huawei Technologies Co., Ltd.

< Previous topic