display arp detection statistics packet-drop
Use display arp detection statistics packet-drop to display statistics for packets dropped by ARP attack detection.
Syntax
display arp detection statistics packet-drop [ interface interface-type interface-number [ service-instance instance-id ] ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
interface interface-type interface-number: Specifies an interface by its type and number. If you do not specify an interface, this command displays dropped packet statistics for all interfaces and all Ethernet service instances on the interfaces.
service-instance instance-id: Specifies an Ethernet service instance by its ID. If you do not specify an Ethernet service instance, this command displays dropped packet statistics for all Ethernet service instances on the specified interface.
Usage guidelines
This command displays numbers of packets discarded by user validity check and ARP packet validity check on interfaces or Ethernet service instances on the interfaces.
Examples
# Display statistics for packets dropped by ARP attack detection.
<Sysname> display arp detection statistics packet-drop State: U-Untrusted T-Trusted ARP packets dropped by ARP inspect checking: Interface(State) IP Src-MAC Dst-MAC Inspect FGE1/0/1(U) 40 0 0 78 FGE1/0/2(U) 0 0 0 0 FGE1/0/3(T) 0 0 0 0 FGE1/0/4(U) 0 0 30 0 FGE1/0/5-srv1(U) 0 10 20 0 FGE1/0/5-srv2(T) 10 0 20 22
Table 86: Command output
Field | Description |
|---|---|
State | State of an interface:
|
Interface(State) | Inbound interface or AC of ARP packets. State specifies the port or AC state, trusted or untrusted. |
IP | Number of ARP packets discarded due to invalid sender and target IP addresses. |
Src-MAC | Number of ARP packets discarded due to invalid source MAC address. |
Dst-MAC | Number of ARP packets discarded due to invalid destination MAC address. |
Inspect | Number of ARP packets that failed to pass user validity check. |
Related commands
reset arp detection statistics packet-drop