< Home

display arp optimized-passby status

Function

The display arp optimized-passby status command displays whether the device is configured not to send ARP packets destined for other devices to the CPU and whether the configuration takes effect.

Format

display arp optimized-passby status interface vlanif vlanif-id slot slot-id

Only the S5720-HI, S5730-HI, S5731-H, S5731-S, S5731S-H, S5731S-S, S5732-H, S6720-HI, S6730-H, S6730S-H, S6730-S, and S6730S-S support this command.

Parameters

Parameter

Description

Value

interface vlanif vlanif-id

Displays whether the device is configured not to send ARP packets destined for other devices to the CPU and whether the configuration takes effect on a specified VLANIF interface.

The value is an integer and the value range depends on the range of existing VLANIF interfaces. You can enter ? to obtain the range of VLANIF interface numbers.

slot slot-id

Displays whether the device is configured not to send ARP packets destined for other devices to the CPU and whether the configuration takes effect in a specified slot.

The value must be set according to the device configuration.

Views

All views

Default Level

1: Monitoring level

Usage Guidelines

If an interface receives a large number of ARP packets whose destination IP addresses are different from the IP address of this interface and sends these ARP packets to the CPU for processing, the CPU usage is high and the CPU cannot process services properly.

To prevent this issue, you can configure the device to directly forward ARP packets destined for other devices without sending them to the CPU. This improves the device's capability of defending against ARP flood attacks.

When the device is configured not to send ARP packets destined for other devices to the CPU, the configuration does not take effect if a conflict configuration exists on the device. You can use the display arp optimized-passby status command to check whether the device is configured not to send ARP packets destined for other devices to the CPU and whether the configuration takes effect. For details about conflict configurations, see arp optimized-passby enable.

Example

# Display whether the device is configured not to send ARP packets destined for other devices to the CPU and whether the configuration takes effect on VLANIF 100.

<HUAWEI> display arp optimized-passby status interface Vlanif 100 slot 0
Current configuration:Enable                                                                                                        
Actual         status:Inactive                                                                                                      
Related configuration:                                                                                                              
   NAC configuration (for example, dot1x enable)
Table 1 Description of the display arp optimized-passby status command output

Item

Description

Current configuration
Whether the device is configured not to send ARP packets destined for other devices to the CPU.
  • Enable: The device is configured not to send ARP packets destined for other devices to the CPU.
  • Disable: The device is configured to send ARP packets destined for other devices to the CPU.

Actual status
Whether the configuration of disabling the device from sending ARP packets destined for other devices to the CPU takes effect.
  • Inactive
  • Active

Related configuration

Conflict configuration. For details, see arp optimized-passby enable.
Parent Topic: ARP Security Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >