1-5To do… Use the command… RemarksEnter system view system-view —Enter Ethernet interfaceviewinterface interface-typeinterface-number —Configure ARP packetrate limitarp rate-limit { disable | ratepps drop }RequiredBy default, the ARP packet rate limitis enabled and is 100 pps.Configuring ARP DetectionIntroductionThe ARP detection feature is mainly configured on an access device to allow only the ARP packets ofauthorized clients to be forwarded, hence preventing user spoofing and gateway spoofing.ARP detection includes ARP detection based on specified objects, and ARP detection based on staticIP source guard binding entries/DHCP snooping entries/802.1X security entries/OUI MAC addresses.If both the ARP detection based on specified objects and the ARP detection based on static IP SourceGuard binding entries/DHCP snooping entries/802.1X security entries/OUI MAC addresses areenabled, the former one applies first, and then the latter applies.Configuring ARP Detection Based on Specified ObjectsWith this feature configured, the device permits the ARP packets received from an ARP trusted port topass directly, and checks the ARP packets received from an ARP untrusted port. You can specifyobjects in the ARP packets to be detected. The objects involve:z src-mac: Checks whether the sender MAC address of an ARP packet is identical to the sourceMAC address in the Ethernet header. If they are identical, the packet is forwarded; otherwise, thepacket is discarded.z dst-mac: Checks the target MAC address of ARP replies. If the target MAC address is all-zero,all-one, or inconsistent with the destination MAC address in the Ethernet header, the packet isconsidered invalid and discarded.z ip: Checks both the source and destination IP addresses in an ARP packet. The all-zero, all-one ormulticast IP addresses are considered invalid and the corresponding packets are discarded. Withthis object specified, the source and destination IP addresses of ARP replies, and the source IPaddress of ARP requests are checked.Follow these steps to configure ARP detection based on specified objects:To do… Use the command… RemarksEnter system view system-view —Enter VLAN view vlan vlan-id —