This chapter describes how to configure Address Resolution Protocol (ARP) security, including anti-ARP proofing and anti-ARP flooding, to improve the security and robustness of the network communication and network devices.
Address Resolution Protocol (ARP) security protects devices from attacks that tamper with or forge ARP packets. ARP security implementation enhances device and network security.
Before configuring a rate limit for Address Resolution Protocol (ARP) packets to be sent to the CPU, familiarize yourself with the applicable environment, complete the pre-configuration tasks for the configuration.
You can configure ARP packet filtering, validity check of ARP packets, and check the Destination IP Addresses of ARP Packets. These anti-ARP spoofing mechanisms improve network security and stability.
This section provides examples for ARP attack defense. A configuration example consists of the networking requirements, configuration roadmap, data preparation, and configuration procedures.