< Home

Licensing Requirements and Limitations for ARP Security

Involved Network Elements

Other network elements are not required.

Licensing Requirements

ARP security is a basic feature of a switch and is not under license control.

Feature Support in V200R019C10

All models of S2720, S5700, and S6700 series switches support ARP Security.

For details about software mappings, visit Hardware Query Tool and search for the desired product model.

Feature Limitations

  • For ARP packets, when rate limit is configured globally, in a VLAN, or on an interface and rate limit based on the source MAC address or source IP address is also configured, the smallest rate is used.

  • For ARP Miss messages, when rate limit is configured globally, in a VLAN, or on an interface and rate limit based on the source IP address is also configured, the smallest rate is used.

  • When resources are sufficient, DAI can be enabled in a maximum of 10 VLANs.

  • Since V200R013C02, after 1:1 VLAN mapping is configured on the S5720-HI, S5730-HI, S5731-H, S5731S-H, S5731-S, S5731S-S, S6720-HI, S5732-H, S6730-H, S6730S-H, S6730-S, S6730S-S, the VLANIF interface corresponding to the mapped VLAN supports optimized ARP reply.
  • When user authentication and ARP snooping are configured together on an interface, the first ARP packet sent by a user does not trigger ARP snooping learning and ARP snooping entry generation. Only subsequent ARP packets sent from the user can trigger ARP snooping learning and ARP snooping entry generation.
Parent Topic: ARP Security Configuration
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >