Layer 2 Switching Commands 371Dynamic ARP InspectionCommandsDell EMC Networking N1100-ON/N1500/N2000/N2100-ON/N3000/N3100-ON/N4000 Series SwitchesDynamic ARP Inspection (DAI) is a security feature that rejects invalid andmalicious ARP packets. The feature prevents a class of man-in-the-middleattacks, where an unfriendly station intercepts traffic for other stations bypoisoning the ARP caches of its neighbors. The attacker sends ARP requestsor responses mapping another station IP address to its own MAC address.DAI drops ARP packets whose sender MAC address and sender IP address donot match an entry in the DHCP Snooping bindings database.Commands in this SectionThis section explains the following commands:arp access-listUse the arp access-list command to create an ARP ACL. It will place the userin ARP ACL Configuration mode. Use the “no” form of this command todelete an ARP ACL.Syntaxarp access-list acl-nameno arp access-list acl-namearp access-list ip arp inspection vlanclear ip arp inspection statistics permit ip host mac hostip arp inspection filter show arp access-listip arp inspection limit show ip arp inspectionip arp inspection trust 12 Enabled Disabledip arp inspection validate –