01-02 ARP Configuration
Uploaded by
Adrian Carmona01-02 ARP Configuration
Uploaded by
Adrian CarmonaHUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
2 ARP Configuration
About This Chapter
The Address Resolution Protocol (ARP) maps IP addresses to MAC addresses. ARP
sets up IP-to-MAC mappings and transmits Ethernet frames over Layer 2 networks
based on the mappings.
2.1 Overview of ARP
ARP provides a mechanism for mapping IP addresses to MAC addresses to
implement data forwarding through Ethernet networks.
2.2 ARP Licensing Requirements and Configuration Precautions
2.3 Configuring Static ARP
When static ARP is used, mappings between IP addresses and MAC addresses are
configured and cannot be changed on hosts or routers. Static ARP entries are
always not aged on routers that are working properly.
2.4 Configuring Dynamic ARP
Hosts and routers can learn dynamic ARP entries by default. However, you can
adjust dynamic ARP aging parameters or optimize the ARP entry update policy.
2.5 Configuring Routed Proxy ARP
Routed proxy ARP allows devices that have IP addresses on the same network
segment but different physical networks to communicate with each other.
2.6 Configuring Proxy ARP Within a VLAN
Proxy ARP within a VLAN allows communication between devices in the same
VLAN but configured with interface isolation.
2.7 Configuring Proxy ARP Between VLANs
Proxy ARP between VLANs allows communication between devices in different
VLANs.
2.8 Configuring Local Proxy ARP
To enable users who are isolated in the same bridge domain (BD) to communicate
with each other, configure local proxy ARP.
2.9 Configuring ARP-Ping
ARP-Ping is classified as ARP-Ping IP or ARP-Ping MAC.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 5
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
2.10 Configuring Unicast ARP Probe
To check whether a peer device is reachable and to enable a device to learn a peer
device's MAC address, configure a local interface to send a unicast ARP request
that carries the peer device's IP and MAC addresses as the destination addresses.
2.11 Configuring the Function to Send ARP Packets at a Constant Speed
This section describes how to enable a device to send ARP packets at a constant
rate, so that normal services of the peer device are not affected.
2.12 Configuring Association Between ARP and Interface Status
Association between ARP and interface status allows the local device to check
whether the peer device is able to properly forward packets.
2.13 Configuring a Rate for Sending ARP Broadcast Packets
You can configure a proper rate for sending ARP broadcast packets to reduce CPU
usage.
2.14 (Optional) Disabling ARP-MAC Association
The NetEngine 8000 by default supports ARP-MAC association. This function
allows fast updates of ARP entries and effectively guarantee real-time and stable
user traffic. However, the VLANIF interface performs synchronization on the host
after learning ARP entries. As a result, there are a large number of ARP entries on
all LPUs. To resolve the problem, disable ARP-MAC association in scenarios where
ARP entry synchronization is not required on the host.
2.15 Maintaining ARP
This section describes how to clear ARP statistics and monitor the operating
status.
2.16 Configuration Examples for ARP
This section provides ARP configuration examples.
2.1 Overview of ARP
ARP provides a mechanism for mapping IP addresses to MAC addresses to
implement data forwarding through Ethernet networks.
Introduction
The Address Resolution Protocol (ARP) is an Internet protocol used to map IP
addresses to MAC addresses.
If two hosts need to communicate, the sender must know the network-layer IP
address of the receiver. IP datagrams, however, must be encapsulated with MAC
addresses before they can be transmitted over the physical network. Therefore,
ARP is needed to map IP addresses to MAC addresses to ensure the transmission
of datagrams.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 6
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
ARP features
Table 2-1 ARP features
Feature Description Usage Scenario
Dynamic ARP Devices Real-time
dynamically learn communication is
and update the a priority, or
mapping network
between IP and resources are
MAC addresses insufficient.
by exchanging
ARP messages.
Static ARP The mapping Communication
between IP and security is a
MAC addresses is priority, and
manually created network
and cannot be resources are
dynamically sufficient.
modified.
Gratuitous ARP A device Gratuitous ARP is
broadcasts used to check
gratuitous ARP whether the local
packets that IP address
carry the local IP conflicts with
address as both that of another
the source and device, to notify
destination IP other devices on
addresses to the same
notify the other network segment
devices on the of the new MAC
same network address after the
segment of its local network
address interface card is
information. replaced, or to
notify master/
slave switchovers
in a Virtual
Router
Redundancy
Protocol (VRRP)
backup group.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 7
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Feature Description Usage Scenario
Proxy ARP If a proxy ARP- ● Two hosts
enabled device have the same
receives an ARP network ID,
request message but are
that destined for located on
another device, different
the proxy ARP- physical
enabled device network
encapsulates its segments. If
MAC address into the hosts need
an ARP reply to
message and communicate,
sends the packet routed proxy
to the device that ARP must be
sends the ARP enabled on
request message. the
intermediate
device.
● Two hosts
belong to the
same VLAN,
but host
isolation is
configured for
the VLAN. If
the two hosts
need to
communicate,
intra-VLAN
proxy ARP
must be
enabled on
the interfaces
that connect
the two hosts.
● Two hosts
belong to
different
VLANs. If the
two hosts
need to
communicate
at Layer 2,
inter-VLAN
proxy ARP
must be
enabled on
the interfaces
that connect
the two hosts.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 8
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Feature Description Usage Scenario
● In the
Ethernet
virtual
connection
(EVC) mode, if
two hosts
belong to the
same bridge
domain (BD)
for which host
isolation is
configured,
you must
enable local
proxy ARP on
the VBDIF
interfaces that
connect the
two hosts.
Otherwise, the
two hosts
cannot
communicate.
ARP-Ping ARP-Ping uses To prevent
ARP messages to address conflict,
detect whether send ARP
an IP or MAC messages to
address to be check whether an
configured for a address is already
device is in use. in use on the
network before
configuring an IP
or MAC address
for a device.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 9
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Feature Description Usage Scenario
Dual-Device ARP Hot Backup Dual-device ARP Dual-device ARP
hot backup hot backup
enables ARP prevents
entries on the downlink traffic
control and from being
forwarding interrupted
planes to be because the
synchronized backup device
between the does not learn
master and ARP entries from
backup devices in a device on the
real time. When user side during
the backup a master/backup
device switches VRRP switchover,
to the master which improves
device, host route network
information is reliability.
generated based
on the backup
ARP entries on
the backup
device.
2.2 ARP Licensing Requirements and Configuration
Precautions
Licensing Requirements
For details, see "Licensing Requirements" in Feature Description.
Configuration Precautions
N/A
2.3 Configuring Static ARP
When static ARP is used, mappings between IP addresses and MAC addresses are
configured and cannot be changed on hosts or routers. Static ARP entries are
always not aged on routers that are working properly.
Usage Scenario
Static ARP entries are manually configured and maintained. They cannot be aged
or overwritten by dynamic ARP entries. Configuring static ARP entries improves
communication security. When device A communicates with device B using a
specified IP address, device A can be configured with a fixed mapping between
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 10
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
device B's IP address and MAC address. This mapping will not be changed because
devices do not update ARP entries after receiving attack packets. This ensures
communication between the two devices.
Static ARP can be used for the following purposes:
● To enable a local gateway to forward packets with destination IP addresses
not on the local network segment.
● To bind the invalid IP addresses of received ARP messages to a non-existent
MAC address so that these ARP messages can be filtered out.
You can deploy static ARP on important network devices like servers to set up
static mappings between IP addresses and MAC addresses of the peers
communicating with the devices. The static mappings cannot be modified by
forged ARP messages, and prevent the devices from responding to illegal ARP
request messages. In this way, the devices are protected from network attacks.
Static ARP entries will never be overwritten, but configuring a large number of ARP entries
is heavy workload. Therefore, static ARP is applicable to small networks on which host IP
addresses seldom change.
Pre-configuration Tasks
Before configuring static ARP, complete the following tasks:
● Configure physical parameters for interfaces to ensure that the physical status
of the interfaces is Up.
● Configure link layer protocol parameters for interfaces to ensure that the link
layer protocol status of the interfaces is Up.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run arp static ip-address mac-address [ vpn-instance vpn-instance-name ]
A static ARP entry is configured.
The optional parameters for configuring static ARP on different types of interfaces
vary. For details, see the command format of arp static.
Step 3 Run commit
The configuration is committed.
----End
Verifying the Configuration of Static ARP
After configuring static ARP, verify the configuration.
● Run the display arp slot slot-id command to check the ARP entries on the
board in a specified slot.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 11
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
● Run the display arp vlan vlan-id interface interface-type interface-number
command to check ARP entries for VLANs.
● Run the display arp track command to check the ARP entries learned by
VLANIF/VBDIF interfaces and outbound interface changes.
2.4 Configuring Dynamic ARP
Hosts and routers can learn dynamic ARP entries by default. However, you can
adjust dynamic ARP aging parameters or optimize the ARP entry update policy.
Usage Scenario
ARP aging parameters include the aging time, number of ARP aging probes, and
ARP aging probe interval. Proper setting of these aging parameters can improve
network reliability:
● Aging time: When the aging time of a dynamic ARP entry expires, a device
sends an ARP probe packet (ARP Request message) from the outbound
interface recorded in the dynamic ARP entry, and starts counting the number
of ARP probes.
● Number of ARP aging probes: Before deleting an aged dynamic ARP entry, a
device sends ARP probe packets to the IP address recorded in the ARP entry at
specified intervals. If the configured number of ARP aging probes is exceeded
but the ARP entry has not been updated, the device will delete the ARP entry.
● ARP aging probe interval: It is the interval at which probe packets are sent.
1. If the aging time of dynamic ARP entries is set too short, for example, 1 minute,
the device will be busy updating dynamic ARP entries. This consumes a lot of
system resources and affects the processing of other services.
2. Length of time before the deletion of a dynamic ARP entry = Number of ARP aging
probes x Probe interval
Setting a long probe interval is not recommended, because a long interval will
delay the deletion of an aged dynamic ARP entry according to the formula.
After the Layer 2 topology detection function is enabled, the aging time of all ARP
entries corresponding to the VLAN to which a Layer 2 interface belongs is set to 0
when the status of the Layer 2 interface changes from Down to Up. Then the
device resends ARP probe packets to update all ARP entries.
After the device on a ring network is disabled from responding to TC packets, the
device will not age or delete ARP entries after receiving TC packets, reducing
resource consumptions caused by frequent ARP entry updates and minimizing
adverse impacts on user services.
Pre-configuration Tasks
Before configuring dynamic ARP, complete the following tasks:
● Configure physical parameters for interfaces to ensure that the physical status
of the interfaces is Up.
● Configure link layer protocol parameters for interfaces to ensure that the link
layer protocol status of the interfaces is Up.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 12
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Procedure
● Adjust dynamic ARP aging parameters.
a. Run system-view
The system view is displayed.
b. Run interface interface-type interface-number
The interface view is displayed.
c. Run arp expire-time expire-time
The aging time is set for dynamic ARP entries.
In specific scenarios, after MAC entries are aged, the VLANIF interface fails to
obtain the Layer 2 outbound interface and broadcast a unicast packet in the
VLAN. To ensure service security, you can run the arp expire-time expire-time
vlanif command to set the aging time for dynamic ARP entries on all VLANIF
interfaces to a value smaller than the aging time for MAC entries. This prevents
unicast packets from being broadcast due to Layer 2 outbound interface
mismatch.
d. Run arp detect-times detect-times
The number of ARP aging probes is set.
e. Run arp detect-interval detect-interval
The ARP aging probe transmission interval is set.
f. Run arp detect-mode unicast
The interface is configured to unicast ARP aging probe packets.
g. Run commit
The configuration is committed.
● Enable Layer 2 topology detection.
a. Run system-view
The system view is displayed.
b. Run l2-topology detect enable
Layer 2 topology detection is enabled.
● Disable the device from responding to TC packets.
a. Run system-view
The system view is displayed.
b. Run arp topology-change disable
The device is disabled from responding to TC packets.
----End
Verifying the Configuration of Dynamic ARP
After configuring dynamic ARP, verify the configuration.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 13
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
● Run the display arp all command to check the ARP entries on the main
control boards and all interface boards.
● Run the display arp interface interface-name command to check the ARP
entries on a specified interface.
● Run the display arp slot slot-id command to check the ARP entries on a
board in a specified slot.
● Run the display arp vpn-instance vpn-instance-name slot slot-id [ dynamic |
static ] command to check the ARP entries of a specified VPN instance.
2.5 Configuring Routed Proxy ARP
Routed proxy ARP allows devices that have IP addresses on the same network
segment but different physical networks to communicate with each other.
Usage Scenario
A large company network is usually divided into multiple subnets to facilitate
management. The routing information of a host in a subnet can be modified so
that IP datagrams sent from this host to another subnet are first sent to the
gateway and then to another subnet. However, this solution makes it hard to
manage and maintain devices. Deploying proxy ARP on the gateway effectively
resolves management and maintenance problems caused by network division.
Pre-configuration Tasks
Before configuring routed proxy ARP, complete the following tasks:
● Configure physical parameters for interfaces to ensure that the physical status
of the interfaces is Up.
● Configure link layer protocol parameters for interfaces to ensure that the link
layer protocol status of the interfaces is Up.
2.5.1 Configuring an IP Addresses for an Interface
The IP address assigned to a routed proxy ARP-enabled interface must be on the
same network segment with the IP address of the host on the LAN to which this
interface connects.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface interface-type interface-number [ .subinterface-number ] interface-
number
The interface view is displayed.
Step 3 Run ip address ip-address { mask | mask-length } [ sub ]
An IP address is configured for the interface.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 14
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Step 4 Run commit
The configuration is committed.
----End
2.5.2 Enabling Routed Proxy ARP
To allow subnets on the same IP network to communicate, enable routed proxy
ARP.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface interface-type interface-number [ .subinterface-number ]
The interface view is displayed.
Step 3 Run arp-proxy enable
Routed proxy ARP is enabled on the interface.
After routed proxy ARP is enabled, you must reduce the aging time of ARP entries
on the device so that the number of packets received but cannot be forwarded by
the device is decreased.
Step 4 Run commit
The configuration is committed.
----End
2.5.3 Verifying the Configuration of Routed Proxy ARP
After configuring routed proxy ARP, verify the configuration.
Prerequisites
Routed proxy ARP has been configured.
Procedure
● Run the display arp interface interface-name command to check the ARP
mapping table on a specified interface.
● Run the display arp slot slot-id command to check the ARP mapping table on
the board in a specified slot.
● Run the display arp vpn-instance vpn-instance-name slot slot-id [ dynamic |
static ] command to check the ARP mapping table for a specified VPN
instance.
----End
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 15
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
2.6 Configuring Proxy ARP Within a VLAN
Proxy ARP within a VLAN allows communication between devices in the same
VLAN but configured with interface isolation.
Usage Scenario
If two users belong to the same VLAN but user isolation is configured in the
VLAN, and communication is required between them, you can enable proxy ARP
within the VLAN on the interfaces in the VLAN.
Pre-configuration Tasks
Before configuring proxy ARP within the VLAN, configure user isolation within a
VLAN.
2.6.1 Configuring an IP Addresses for an Interface
The IP address assigned to an interface needs to be in the same network segment
with the IP addresses of the users of all the VLANs associated to this interface.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface interface-type interface-number [ .subinterface-number ]
The sub-interface view is displayed.
Proxy ARP within a VLAN can be configured on Ethernet sub-interfaces, GE sub-
interfaces, Eth-Trunk sub-interfaces.
Step 3 Run ip address ip-address { mask | mask-length } [ sub ]
An IP address is configured for the sub-interface.
Step 4 Run commit
The configuration is committed.
----End
2.6.2 (Optional) Associating the Sub-interface with a VLAN
Before you configure proxy ARP within a VLAN on Ethernet sub-interfaces, GE
interfaces, or Eth-Trunk sub-interfaces, associate the sub-interface with a VLAN.
Procedure
Step 1 Run system-view
The system view is displayed.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 16
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Step 2 Run interface interface-type interface-number [ .subinterface-number ]
The sub-interface view is displayed.
Step 3 Run vlan-type dot1q vlan-id
The sub-interface is associated with a VLAN.
Step 4 Run commit
The configuration is committed.
----End
2.6.3 Enabling Proxy ARP Within a VLAN
To enable communication between isolated devices within the same VLAN, proxy
ARP within the VLAN is required.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface interface-type interface-number [ .subinterface-number ]
The sub-interface view is displayed.
Step 3 Run arp-proxy inner-sub-vlan-proxy enable
Proxy ARP within a VLAN is enabled on the sub-interface or VLANIF interface.
Step 4 Run commit
The configuration is committed.
----End
2.6.4 Verifying the Configuration of Proxy ARP Within a VLAN
After configuring proxy ARP within a VLAN, verify the configuration.
Prerequisites
Proxy ARP within a VLAN has been configured.
Procedure
● Run the display arp interface interface-name command to check the ARP
mapping table on a specified interface.
● Run the display arp slot slot-id command to check the ARP mapping table on
the board in a specified slot.
● Run the display arp vpn-instance vpn-instance-name slot slot-id [ dynamic |
static ] command to check the ARP mapping table for a specified VPN
instance.
----End
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 17
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
2.7 Configuring Proxy ARP Between VLANs
Proxy ARP between VLANs allows communication between devices in different
VLANs.
Usage Scenario
If two hosts belong to different VLANs and communication is required between
them, proxy ARP between VLANs must be enabled on interfaces associated with
the VLANs.
Pre-configuration Tasks
Before configuring proxy ARP between VLANs, configure VLAN aggregation.
2.7.1 Configuring an IP Addresses for an Interface
The IP address assigned to an interface needs to be in the same network segment
with the IP addresses of the users of all the VLANs associated to this interface.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface interface-type interface-number [ .subinterface-number ]
The sub-interface view is displayed.
Proxy ARP between VLANs can be configured on Ethernet sub-interfaces, GE sub-
interfaces, and Eth-Trunk sub-interfaces.
Step 3 Run ip address ip-address { mask | mask-length } [ sub ]
An IP address is configured for the sub-interface.
Step 4 Run commit
The configuration is committed.
----End
2.7.2 (Optional) Associating the Sub-interface with a VLAN
Before you configure proxy ARP between VLANs on Ethernet sub-interfaces, GE
interfaces, or Eth-Trunk sub-interfaces, associate the sub-interface with a VLAN.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface interface-type interface-number [ .subinterface-number ]
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 18
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
The sub-interface view is displayed.
Step 3 Run vlan-type dot1q vlan-id
The sub-interface is associated with a VLAN.
Step 4 Run commit
The configuration is committed.
----End
2.7.3 Enabling Proxy ARP Between VLANs
To enable communication between devices in different VLANs, proxy ARP between
VLANs is required.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface interface-type interface-number [ .subinterface-number ]
The sub-interface view is displayed.
Step 3 Run arp-proxy inter-sub-vlan-proxy enable
Proxy ARP between VLANs is enabled on the sub-interface
Step 4 Run commit
The configuration is committed.
----End
2.7.4 Verifying the Configuration of Proxy ARP Between
VLANs
After configuring proxy ARP between VLANs, verify the configuration.
Prerequisites
Proxy ARP between VLANs has been configured.
Procedure
● Run the display arp interface interface-name command to check ARP entries
on a specified interface.
● Run the display arp slot slot-id command to check ARP entries on the board
in a specified slot.
● Run the display arp vpn-instance vpn-instance-name slot slot-id [ dynamic |
static ] command to check the ARP mapping table of a specified VPN
instance.
----End
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 19
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
2.8 Configuring Local Proxy ARP
To enable users who are isolated in the same bridge domain (BD) to communicate
with each other, configure local proxy ARP.
Usage Scenario
In an EVC model, a BD is a broadcast domain, and member interfaces in a BD
broadcast the packets they receive. To minimize broadcast traffic, split horizon can
be configured on member interfaces that do not need to communicate with each
other. After split horizon is enabled on member interfaces in a BD, users who are
served by these interfaces are isolated. However, as services become more diverse
and keep increasing, users have growing needs for intra-BD communication. To
meet the service requirements, local proxy ARP can be configured on a VBDIF
interface for member interfaces in a BD. (A VBDIF interface is a virtual interface.)
Pre-configuration Tasks
Before configuring local proxy ARP, complete the following tasks:
● Isolate users who are in the same BD.
● Create a VBDIF interface.
2.8.1 Assigning an IP address to a VBDIF Interface
The IP address assigned for a VBDIF interface that performs local proxy ARP for a
bridge domain (BD) must be in the same network segment as the IP addresses of
the member interfaces in the BD.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run bridge-domain bd-id
A BD is created.
Step 3 Run interface vbdif bd-id
A VBDIF interface is created, and the VBDIF interface view is displayed.
The number of the VBDIF interface must be the same as the BD ID specified in
Step 2.
A VBDIF interface of a BD goes Up only if the BD has a Layer 2 sub-interface that is in the
Up state. To add a Layer 2 sub-interface to a BD, run the bridge-domain (Layer 2 sub-
interface view) command in the view of the Layer 2 sub-interface.
Step 4 Run ip address ip-address { mask | mask-length } [ sub ]
An IP address is assigned to the VBDIF interface.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 20
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Step 5 Run commit
The configuration is committed.
----End
2.8.2 Enabling Local Proxy ARP
To allow isolated devices in a BD to communicate, enable the local proxy ARP
function.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface vbdif bd-id
The VBDIF interface view is displayed.
Step 3 Run arp-proxy local enable
Local proxy ARP is enabled.
After local proxy ARP is enabled, all the users in the BD can communicate. To enable intra-
BD communications between only some member interfaces in the BD, run the undo split-
horizon enable command on these interfaces instead of configuring the local proxy ARP
function for the BD.
Step 4 Run commit
The configuration is committed.
----End
2.9 Configuring ARP-Ping
ARP-Ping is classified as ARP-Ping IP or ARP-Ping MAC.
Usage Scenario
Before configuring an IP address for a device on a LAN, run the arp-ping ip
command to check whether the IP address to be configured is being used by
another device on the network.
The ping command can also be used to check whether this IP address is used by
another device on the network. If the destination host and the router that are
enabled with the firewall function are configured not to reply to ping packets, the
destination host and the router do not reply to ping packets. This means that the
ping always fails and the IP address mistakenly considered available. To resolve
this problem, use the ARP-Ping IP feature. ARP packets are Layer 2 protocol
messages and, in most cases, can pass through a firewall configured not to
respond to ping messages.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 21
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
When a device knows a specific MAC address on a network segment but does not
know the corresponding IP address, the arp-ping mac command can be run on
the device to broadcast ICMP packets to obtain the corresponding IP address.
Pre-configuration Tasks
Before configuring ARP-Ping, configure link layer protocol parameters for
interfaces to ensure that the link layer protocol status of the interfaces is Up.
2.9.1 Configuring ARP-Ping IP
ARP-Ping IP sends ARP packets onto a LAN to check whether an IP address is
being used by another device on the LAN.
Procedure
Step 1 Run arp-ping ip ip-host [ interface interface-type interface-number [ vlan-id
vlanId ] ] [ timeout timeout ]
ARP-Ping IP is enabled to check whether an IP address is being used by another
device.
----End
Result
There are two possible results after the command is run:
● If the IP address is not being used by another device, the command output is
as follows:
[*HUAWEI] arp-ping ip 10.1.1.2
ARP-Pinging 10.1.1.2:
Error: Request timed out
Error: Request timed out
Error: Request timed out
The IP address is not used by anyone!
● If the IP address is being used by another device, the command output is as
follows:
[*HUAWEI] arp-ping ip 10.1.1.1
ARP-Pinging 10.1.1.1:
10.1.1.1 is used by 00e0-fc7d-f202
2.9.2 Configuring ARP-Ping MAC
ARP-Ping MAC sends ICMP packets onto a LAN to check whether a MAC address is
used by another device on the LAN.
Procedure
Step 1 Run arp-ping mac mac-address { ip-address [ vpn-instance vpn-instance-name ] |
interface interface-type interface-number }
ARP-Ping MAC is enabled to check whether a MAC address is being used by
another device.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 22
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
There are two possible results after the command is run:
● If the MAC address is not being used by another device, the command output
is as follows:
[*HUAWEI] arp-ping mac 00e0-fc7d-f201 interface gigabitethernet 1/0/0
OutInterface: GigabitEthernet1/0/0 MAC[00-E0-FC-7D-F2-01], press CTRL_C to break
Request timed out
Request timed out
Request timed out
----- ARP-Ping MAC statistics -----
3 packet(s) transmitted
0 packet(s) received
MAC[00-E0-FC-7D-F2-01] not be used
● If the MAC address is being used by another device, the command output
displays the IP address corresponding to this MAC address. The command
output is as follows:
[*HUAWEI] arp-ping mac 00e0-fc7d-f202 interface gigabitethernet 1/0/0
OutInterface: GigabitEthernet1/0/0 MAC[00-E0-FC-7D-F2-02], press CTRL_C to break
----- ARP-Ping MAC statistics -----
1 packet(s) transmitted
1 packet(s) received
IP ADDRESS MAC ADDRESS
10.1.1.1 00-E0-FC-7D-F2-02
----End
2.10 Configuring Unicast ARP Probe
To check whether a peer device is reachable and to enable a device to learn a peer
device's MAC address, configure a local interface to send a unicast ARP request
that carries the peer device's IP and MAC addresses as the destination addresses.
Background Information
To improve network security, some devices do not support broadcast packets.
● Before an ARP entry ages out, the local device broadcasts an ARP request
packet in an attempt to update the ARP entry based on the reply from a peer
device. If the peer device does not support broadcast packets, it does not
respond to the broadcast ARP request packet, so the local device considers the
peer device offline and deletes the ARP entry. As a result, services will be
interrupted between the two devices.
● If the local device is new, it will broadcast an ARP request packet to learn the
MAC addresses of other devices. If a peer device does not support broadcast
packets, it will discard the ARP request packet, so the local device will not
learn the peer device's MAC address. As a result, new services will not be
started between the two devices.
To resolve these problems, enable the unicast ARP probe function. This function
enables a local interface to send a unicast ARP request packet that carries the
specified IP and MAC addresses. The unicast ARP probe function improves network
security, without compromising service stability.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 23
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Pre-configuration Tasks
Before configuring unicast ARP probe, complete the following tasks:
● Connect interfaces and set physical parameters for the interfaces to ensure
that the physical interface status is Up.
● Configure link layer protocol parameters on interfaces to ensure that the link
layer protocol is Up.
Data Preparation
To configure unicast ARP probe, you need the following data.
No. Data
1 Destination IP address for the unicast ARP request packet to be sent
2 Destination MAC address for the unicast ARP request packet to be sent
3 Type and number of the interface for sending out the unicast ARP
request packet
4 Inner tag value for the unicast ARP request packet to be sent
5 Outer tag value for the unicast ARP request packet to be sent
Procedure
Step 1 Run arp send-packet ip-address mac-address interface interface-type interface-
number [ vid vid [ cevid cevid ] ]
The unicast ARP probe function is enabled.
----End
2.11 Configuring the Function to Send ARP Packets at a
Constant Speed
This section describes how to enable a device to send ARP packets at a constant
rate, so that normal services of the peer device are not affected.
Background
By default, a device broadcasts ARP aging probe and Miss messages at varied
rates. If the number of ARP packets received by the peer device exceeds its
processing capability in milliseconds, packets may be lost and services may be
affected. To resolve the problem, enable the device to send ARP packets at a
constant rate and adjust the constant rate as required so that normal services of
the peer device are not affected.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 24
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run arp constant-send enable
Step 3 Run arp constant-send maximum maximum-value
The constant rate at which ARP packets are sent is set.
Step 4 Run commit
The configuration is committed.
----End
2.12 Configuring Association Between ARP and
Interface Status
Association between ARP and interface status allows the local device to check
whether the peer device is able to properly forward packets.
Background
To minimize the impact of device faults on services and improve network
availability, a network device must be able to quickly detect communication faults
of devices that are not directly connected. Then, measures can be taken to quickly
rectify the faults to ensure the normal running of services.
Association between ARP and interface status allows the local interface to send
ARP probe packets to the peer interface and checks whether the peer interface
can properly forward packets based on whether a reply packet is received. This
triggers fast route convergence.
Pre-configuration Tasks
Before configuring association between ARP and interface status, complete the
following tasks:
● Configure physical parameters of the interface and ensure that the interface is
physically Up.
● Configure the link layer protocol parameters and IP addresses for the
interface.
Procedure
1. Run system-view
The system view is displayed.
2. Run interface interface-type interface-number
The view of the interface on which ARP and interface status needs to be
enabled is displayed.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 25
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
3. Run ip address ip-address { mask | mask-length } [ sub ]
The IP address of the interface is configured.
4. Run arp status-detect ip-address
Association between ARP and interface status is enabled.
The destination IP address of ARP probe messages must be on the same network
segment as the IP address of the local interface. The probed device does not need to
be configured.
5. (Optional) Run arp status-detect mode loose
The interface is configured to send ARP probe messages in loose mode.
– In strict mode, an interface sends ARP probe messages when the physical
status is Up. The protocol status of the local interface remains unchanged
only when the local interface receives an ARP reply packet from the peer
interface and the source IP address of the ARP reply packet is the same as
the destination IP address of the ARP probe packet. If no ARP reply
packet is received from the peer interface within the allowable attempts,
the protocol status of the local interface is set to Down.
– In loose mode, an interface sends ARP probe messages only when both
the physical status and protocol status are Up. The protocol status of the
local interface remains unchanged only when the local interface receives
an ARP packet from the peer interface and the source IP address of the
ARP packet is the same as the destination IP address of the ARP probe
packet. If no ARP packet is received from the peer interface within the
allowable attempts, the protocol status of the local interface is set to
Down.
If association between ARP and interface status is configured on devices at both ends,
you are advised to configure at lease the device at one side to work in strict mode. Do
not configure devices at both ends to send ARP probe messages in loose mode.
6. (Optional) Run arp status-detect interval detect-interval
The interval at which ARP probe messages are sent has been configured.
Set the interval at which ARP probe messages are sent to a large value to
prevent interface flapping upon operations such as primary/secondary
switching.
7. (Optional) Run arp status-detect times detect-times
The maximum number of times that an interface can consecutively send ARP
probe messages has been configured.
Set the maximum number of times an interface can consecutively send ARP
probe messages to a large value to prevent interface flapping upon
operations such as primary/secondary switching.
8. Run commit
The configuration is committed.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 26
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Verifying the Configuration of Association Between ARP and Interface
Status
Run the display interface [ interface-type [ interface-number ] ] command to
check the status information and statistics of the interface.
2.13 Configuring a Rate for Sending ARP Broadcast
Packets
You can configure a proper rate for sending ARP broadcast packets to reduce CPU
usage.
Context
ARP broadcast packets delivered from the sub-interface are replicated to all
VLANs. If the number of VLANs is 100 and the number of ARP broadcast packets
sent per second is 50, the number of ARP broadcast packets replicated is 5000
(100 x 50). This may cause the peer device to be overloaded with ARP packets. As
a result, the downstream device becomes abnormal. When replicating a large
number of ARP broadcast packets, the local device may fail to send ARP packets
promptly, causing ARP learning failures. In this case, you can set a proper rate for
sending ARP broadcast packets to reduce CPU usage.
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run arp broadcast-send maximum maximum-value
A rate for sending ARP broadcast packets is configured.
In actual situations, after a rate for sending ARP broadcast packets is configured on a
device, the total number of ARP broadcast packets sent by the device is related to board
performance.
Step 3 Run commit
The configuration is committed.
----End
2.14 (Optional) Disabling ARP-MAC Association
The NetEngine 8000 by default supports ARP-MAC association. This function
allows fast updates of ARP entries and effectively guarantee real-time and stable
user traffic. However, the VLANIF interface performs synchronization on the host
after learning ARP entries. As a result, there are a large number of ARP entries on
all LPUs. To resolve the problem, disable ARP-MAC association in scenarios where
ARP entry synchronization is not required on the host.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 27
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Procedure
Step 1 Run system-view
The system view is displayed.
Step 2 Run interface vlanif vlan-id
The VLANIF interface view is displayed.
Step 3 Run mac-change notify-arp disable
ARP-MAC association is disabled.
Step 4 Run commit
The configuration is committed.
----End
2.15 Maintaining ARP
This section describes how to clear ARP statistics and monitor the operating
status.
2.15.1 Clearing ARP Statistics
This section describes how to clear ARP statistics.
Context
NOTICE
● Static ARP entries cannot be restored after they are cleared.
● The IP-MAC mapping is deleted after you clear ARP entries.
Procedure
● Run reset arp { all | dynamic ip ip-address [ vpn-instance vpn-instance-
name ] | interface interface-type interface-number [ ip ip-address ] | slot
slot-id }
The ARP entries have been cleared.
● Run reset arp packet statistics [ slot slot-id ]
The ARP statistics of a specified or all boards have been cleared.
● Run reset arp packet statistics interface [ interface-type interface-number ]
The ARP statistics of a specified or all Layer 3 interfaces have been cleared.
● Run reset arp packet statistics bridge-domain bd-id
The ARP statistics of a specified BD have been cleared.
----End
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 28
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
2.15.2 Monitoring the ARP Operating Status
This section describes how to monitor the ARP operating status.
Procedure
● Run the display arp all command in any view to check ARP entries on the
main control boards and all interface boards.
● Run the display arp interface interface-type interface-number command in
any view to check the ARP status on a specified interface.
● Run the display arp slot slot-id command in any view to check the ARP
status on the board in a specified slot.
● Run the display arp packet statistics [ slot slot-id | interface [ interface-type
interface-number ] ] command in any view to check ARP packet statistics.
----End
2.16 Configuration Examples for ARP
This section provides ARP configuration examples.
2.16.1 Example for Configuring Static ARP
This example provides an example for configuring static ARP.
Networking Requirements
ARP is a basic link layer protocol that maps devices' IP addresses to MAC
addresses. ARP is simple to use but does not have any security guarantee.
Attackers may send forged ARP packets to attack networks, interrupting normal
services or even breaking devices down. Therefore, carriers want to enhance
backbone network security.
As shown in Figure 2-1, hosts connect to the backbone network through routers.
To protect the devices on the backbone network against ARP attacks and ensure
stable data transmission, configure static ARP on routers.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 29
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Figure 2-1 Configuring static ARP
Precautions
None
Configuration Roadmap
The configuration roadmap is to configure static ARP entries on routers. These
entries will not be aged or overwritten by dynamic ARP entries so that user data
can be stably transmitted.
Data Preparation
To complete the configuration, you need IP addresses and MAC addresses between
which mappings need to be set up.
Procedure
Step 1 Configure static ARP entries on Device A. Repeat this step for Device B. For
configuration details, see Configuration Files in this section.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
[~DeviceA] arp static 10.1.1.1 00e0-fc41-0200
[*DeviceA] arp static 10.1.1.2 00e0-fc41-0202
[*DeviceA] arp static 10.1.1.3 00e0-fc41-0204
[*DeviceA] commit
Step 2 Verify the configuration.
# Run the display arp all command on Device A to check configured ARP entries.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 30
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
<DeviceA> display arp all
IP ADDRESS MAC ADDRESS EXPIRE(M) TYPE INTERFACE VPN-INSTANCE
VLAN/CEVLAN PVC
------------------------------------------------------------------------------
10.1.1.1 00e0-fc41-0200 S--
10.1.1.2 00e0-fc41-0202 S--
10.1.1.3 00e0-fc41-0204 S--
------------------------------------------------------------------------------
Total:3 Dynamic:0 Static:3 Interface:0 Redirect:0
----End
Configuration Files
● Device A configuration file
#
sysname DeviceA
#
arp static 10.1.1.1 00e0-fc41-0200
arp static 10.1.1.2 00e0-fc41-0202
arp static 10.1.1.3 00e0-fc41-0204
#
return
● Device B configuration file
#
sysname DeviceB
#
arp static 10.1.2.1 00e0-fc41-0300
arp static 10.1.2.2 00e0-fc41-0302
arp static 10.1.2.3 00e0-fc41-0304
#
return
2.16.2 Example for Configuring Routed Proxy ARP
This example provides an example for configuring routed proxy ARP.
Networking Requirements
Two hosts on the same network segment but on different physical networks need
to communicate with each other.
As shown in Figure 2-2, two routers are connected by . No default gateways are
set for Host A and Host B that reside on different physical networks. To enable
Host A and Host B to communicate with each other, configure routed proxy ARP
on routers.
Figure 2-2 Configuring routed proxy ARP
Interfaces 1 through 2 in this example are GE 1/0/0, GE 2/0/0, respectively.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 31
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Device Name Interface IP Address
Device A GE1/0/0 172.16.1.1/24
GE2/0/0 172.17.3.1/24
Device B GE1/0/0 172.16.2.1/24
GE2/0/0 172.17.3.2/24
Precautions
None
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure an IP address for the interface that connects each router to a host,
ensuring that the link between each host and each router is working properly.
2. Configure routed proxy ARP on the interface that connects each router to a
host. After receiving an ARP request (for the destination host's MAC address)
sent by the host, the router that has routed proxy ARP enabled responds to
the request with its own MAC address. The host then forwards data to the
router.
3. Configure a default route between two routers so that data can be
transmitted along the route.
Data Preparation
To complete the configuration, you need the following data:
● IP address of the interface that connects Device A to Host A: 172.16.1.1/24; IP
address of the interface that connects Device B to Host B: 172.16.2.1/24
● Default route on each router
● IP address of Host A: 172.16.1.2/16; IP address of Host B: 172.16.2.2/16
Procedure
Step 1 Configure routerDevice A.
# Configure an IP address for GE 1/0/0.
<HUAWEI> system-view
[~HUAWEI] sysname Device A
[*HUAWEI] commit
[~Device A] interface gigabitethernet 1/0/0
[~Device A-GigabitEthernet1/0/0] ip address 172.16.1.1 255.255.255.0
# Enable routed proxy ARP.
[*Device A-GigabitEthernet1/0/0] arp-proxy enable
[*Device A-GigabitEthernet1/0/0] undo shutdown
[*Device A-GigabitEthernet1/0/0] quit
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 32
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
# Configure a static route.
[*Device A] ip route-static 0.0.0.0 0 gigabitethernet 2/0/0 172.17.3.2
# Configure an IP address for GE 2/0/0.
[*Device A] interface gigabitethernet 2/0/0
[*Device A-GigabitEthernet2/0/0] ip address 172.17.3.1 255.255.255.0
[*Device A-GigabitEthernet2/0/0] undo shutdown
[*Device A-GigabitEthernet2/0/0] quit
[*Device A] commit
Step 2 Configure routerDevice B.
# Configure an IP address for GE 1/0/0.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceB
[*HUAWEI] commit
[~Device B] interface gigabitethernet 1/0/0
[~Device B-GigabitEthernet1/0/0] ip address 172.16.2.1 255.255.255.0
# Enable routed proxy ARP.
[*Device B-GigabitEthernet1/0/0] arp-proxy enable
[*Device B-GigabitEthernet1/0/0] undo shutdown
[*Device B-GigabitEthernet1/0/0] quit
# Configure a static route.
[*Device B] ip route-static 0.0.0.0 0 gigabitethernet 2/0/0 172.17.3.1
# Configure an IP address for GE 2/0/0.
[*Device B] interface gigabitethernet 2/0/0
[*Device B-GigabitEthernet2/0/0] ip address 172.17.3.2 255.255.255.0
[*Device B-GigabitEthernet2/0/0] undo shutdown
[*Device B-GigabitEthernet2/0/0] quit
[*Device B] commit
Step 3 Configure hosts.
# Configure an IP address for Host A.
# Configure an IP address for Host B.
Step 4 Verify the configuration.
# Ping Host B from Host A, and the ping is successful.
# Check ARP entries on Host A. The command output shows that the MAC
address of Host B is the MAC address of GE 1/0/0 on Device A.
C:\Documents and Settings\Administrator>arp -a
Interface: 172.16.1.2 --- 0x2
Internet Address Physical Address Type
172.16.2.2 00e0-fc39-80aa dynamic
----End
Configuration Files
● Device A configuration file
#
sysname Device A
#
ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet2/0/0 172.17.3.2
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 33
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 172.16.1.1 255.255.255.0
arp-proxy enable
#
interface GigabitEthernet2/0/0
undo shutdown
ip address 172.17.3.1 255.255.255.0
#
return
● Device B configuration file
#
sysname Device B
#
ip route-static 0.0.0.0 0.0.0.0 GigabitEthernet2/0/0 172.17.3.1
#
interface GigabitEthernet1/0/0
undo shutdown
ip address 172.16.2.1 255.255.255.0
arp-proxy enable
#
interface GigabitEthernet2/0/0
undo shutdown
ip address 172.17.3.2 255.255.255.0
#
return
2.16.3 Example for Configuring Proxy ARP Within a VLAN
If user isolation is configured for different users in the same virtual local area
network (VLAN), the users cannot communicate with each other. To resolve this
problem, you can configure proxy Address Resolution Protocol (ARP) for the VLAN.
Networking Requirements
As shown in Figure 2-3 CE is connected to the sub-interface Eth-Trunk1.1 of PE.
Eth-Trunk1.1 is associated with VLAN 10.
Host A and Host B are two users connected with CE. On CE, the interfaces
connected with Host A and Host B belong to the same VLAN. User isolation in a
VLAN is configured on CE.
To implement communication between Host A and Host B, enable proxy ARP
within a VLAN on Eth-Trunk1.1 of PE.
Figure 2-3 Configuring proxy ARP within a VLAN
Interfaces 1 and 2 in this example represent GE 1/0/1, GE 1/0/2, respectively.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 34
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Configuration Roadmap
The configuration roadmap is as follows:
1. Create a VLAN on the CE and configure the users that need to communicate
with each other to belong to the same VLAN.
2. Create Eth-Trunk1.1 on the PE and configure an IP address for the interface as
the gateway IP address.
3. Associate Eth-Trunk1.1 with VLAN 10.
4. Enable proxy ARP on Eth-Trunk1.1 so that isolated users in VLAN 10 can
communicate with each other.
Data Preparation
To complete the configuration, you need the following data:
● ID of the VLAN to which hosts belong: 10
● IP address of Eth-Trunk1.1: 10.10.10.1/24
● ID of the VLAN associated with Eth-Trunk1.1: 10
● Host A's IP address: 10.10.10.2/24; Host B's IP address: 10.10.10.3/24
Procedure
Step 1 Create a VLAN on the CE and configure the users that need to communicate with
each other to belong to the same VLAN.
<HUAWEI> system-view
[~HUAWEI] sysname CE
[*HUAWEI] commit
[~CE] vlan 10
[*CE-vlan 10] commit
[~CE-vlan 10] quit
[~CE] interface gigabitethernet 1/0/1
[~CE-GigabitEthernet1/0/1] portswitch
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 35
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
[*CE-GigabitEthernet1/0/1] undo shutdown
[*CE-GigabitEthernet1/0/1] port default vlan 10
[*CE-GigabitEthernet1/0/1] commit
[~CE-GigabitEthernet1/0/1] quit
[~CE] interface gigabitethernet 1/0/2
[~CE-GigabitEthernet1/0/2] portswitch
[*CE-GigabitEthernet1/0/2] undo shutdown
[*CE-GigabitEthernet1/0/2] port default vlan 10
[*CE-GigabitEthernet1/0/2] commit
[~CE-GigabitEthernet1/0/2] quit
[~CE] vlan 10
[*CE-vlan 10] port isolate gigabitethernet 1/0/1 gigabitethernet 1/0/2
Step 2 Create Eth-Trunk1.1 on the PE and configure an IP address for Eth-Trunk1.1.
<HUAWEI> system-view
[~HUAWEI] sysname PE
[*HUAWEI] commit
[~PE] interface eth-trunk 1.1
[*PE-Eth-Trunk1.1] ip address 10.10.10.1 255.255.255.0
[*PE-Eth-Trunk1.1] commit
Step 3 Configure IP addresses for Host A and Host B.
# Configure IP addresses for Host A and Host B. The IP addresses must be in the
same network segment with the IP address of Eth-Trunk1.1.
After successful configuration, Host A and Host B can ping the PE, but cannot ping
each other.
Step 4 Associate Eth-Trunk1.1 with VLAN 10.
[~PE-Eth-Trunk1.1] vlan-type dot1q 10
[*PE-Eth-Trunk1.1] commit
Step 5 Enable proxy ARP in VLAN 10 on Eth-Trunk1.1.
[~PE-Eth-Trunk1.1] arp-proxy inner-sub-vlan-proxy enable
[*PE-Eth-Trunk1.1] commit
Step 6 Verify the configuration.
Host A and Host B can ping each other.
----End
Configuration Files
● PE configuration file
#
sysname PE
#
interface Eth-Trunk1
undo shutdown
#
interface Eth-Trunk1.1
undo shutdown
vlan-type dot1q 10
ip address 10.10.10.1 255.255.255.0
arp-proxy inner-sub-vlan-proxy enable
#
return
● CE configuration file
#
sysname CE
#
vlan 10
#
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 36
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
interface GigabitEthernet1/0/1
portswitch
undo shutdown
port default vlan 10
#
interface GigabitEthernet1/0/2
portswitch
undo shutdown
port default vlan 10
#
vlan 10
port isolate GigabitEthernet1/0/1 GigabitEthernet1/0/2
return
2.16.4 Example for Configuring Proxy ARP Between VLANs
This section provides an example of how to configure proxy Address Resolution
Protocol (ARP) between virtual local area networks (VLANs).
Networking Requirements
Assume that an enterprise has many departments and IP addresses of these
departments are on the same network segment, to improve the service security, IP
addresses of Hosts used by employees in the same department are added to the
same VLAN and IP addresses of Hosts used by employees in different departments
are added to different VLANs. IP addresses of Hosts used by employees in different
departments need to communicate with each other.
As shown in Figure 2-4, IP addresses of the R&D department and test department
belong to different VLANs. It is required that IP addresses of Hosts used by
employees in different VLANs communicate with each other.
Figure 2-4 Configuring communication between VLANs through VLAN
aggregation
Interfaces 1 through 3 in this example are GE 1/0/1, GE 1/0/2, GE 1/0/3 respectively.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 37
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
IP addresses of the R&D department and test department are on the same
network segment. To save IP address resources, you can deploy VLAN aggregation
on devices of the R&D department and test department. This ensures that
different VLANs can communicate with each other.
Configuration Roadmap
The configuration roadmap is as follows:
1. Create VLAN on CE1 and CE2 to determine mappings between users and
VLANs.
2. Configure VLAN aggregation on PE.
a. Configure the Layer 2 forwarding function.
b. Create a super-VLAN, and add sub-VLANs to the super-VLAN for VLAN
aggregation.
c. Create the VLANIF interface of the super-VLAN and assign an IP address
to the VLANIF interface as the network gateway address.
3. Enable ARP proxy on the VLANIF interface of the super-VLAN and between
sub-VLANs so that sub-VLANs can communicate with each other on the Layer
3 network.
Data Preparation
To complete the configuration, you need the following data:
● User IP address
● Number of each port connecting a switch to a Host
● Sub-VLAN ID and super-VLAN ID
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 38
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
● Number and IP address of the VLANIF interface of the super-VLAN
Procedure
Step 1 Create a VLAN on CEs and add Layer 2 interfaces to the VLAN.
# Configure CE1.
<HUAWEI> system-view
[~HUAWEI] sysname CE1
[*HUAWEI] commit
[~CE1] vlan batch 2
[*CE1] commit
[~CE1] interface gigabitethernet 1/0/1
[~CE1-GigabitEthernet1/0/1] portswitch
[*CE1-GigabitEthernet1/0/1] undo shutdown
[*CE1-GigabitEthernet1/0/1] port link-type access
[*CE1-GigabitEthernet1/0/1] port default vlan 2
[*CE1-GigabitEthernet1/0/1] commit
[~CE1-GigabitEthernet1/0/1] quit
[~CE1] interface gigabitethernet 1/0/2
[~CE1-GigabitEthernet1/0/2] portswitch
[*CE1-GigabitEthernet1/0/2] undo shutdown
[*CE1-GigabitEthernet1/0/2] port link-type access
[*CE1-GigabitEthernet1/0/2] port default vlan 2
[*CE1-GigabitEthernet1/0/2] commit
[~CE1-GigabitEthernet1/0/2] quit
[~CE1] interface gigabitethernet 1/0/3
[~CE1-GigabitEthernet1/0/3] portswitch
[*CE1-GigabitEthernet1/0/3] undo shutdown
[*CE1-GigabitEthernet1/0/3] port link-type access
[*CE1-GigabitEthernet1/0/3] port default vlan 2
[*CE1-GigabitEthernet1/0/3] commit
[~CE1-GigabitEthernet1/0/3] quit
# Configure CE2.
<HUAWEI> system-view
[~HUAWEI] sysname CE2
[*HUAWEI] commit
[~CE2] vlan batch 3
[*CE2] commit
[~CE2] interface gigabitethernet 1/0/1
[~CE2-GigabitEthernet1/0/1] portswitch
[*CE2-GigabitEthernet1/0/1] undo shutdown
[*CE2-GigabitEthernet1/0/1] port link-type access
[*CE2-GigabitEthernet1/0/1] port default vlan 3
[*CE2-GigabitEthernet1/0/1] commit
[~CE2-GigabitEthernet1/0/1] quit
[~CE2] interface gigabitethernet 1/0/2
[~CE2-GigabitEthernet1/0/2] portswitch
[*CE2-GigabitEthernet1/0/2] undo shutdown
[*CE2-GigabitEthernet1/0/2] port link-type access
[*CE2-GigabitEthernet1/0/2] port default vlan 3
[*CE2-GigabitEthernet1/0/2] commit
[~CE2-GigabitEthernet1/0/2] quit
[~CE2] interface gigabitethernet 1/0/3
[~CE2-GigabitEthernet1/0/3] portswitch
[*CE2-GigabitEthernet1/0/3] undo shutdown
[*CE2-GigabitEthernet1/0/3] port link-type access
[*CE2-GigabitEthernet1/0/3] port default vlan 3
[*CE2-GigabitEthernet1/0/3] commit
[~CE2-GigabitEthernet1/0/3] quit
Step 2 Configure VLAN aggregation on the PE.
1. Configure the Layer 2 forwarding function.
<HUAWEI> system-view
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 39
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
[~HUAWEI] sysname PE
[*HUAWEI] commit
[~PE] vlan batch 2 to 4
[*PE] commit
[~PE] interface gigabitethernet 1/0/1
[~PE-GigabitEthernet1/0/1] portswitch
[*PE-GigabitEthernet1/0/1] undo shutdown
[*PE-GigabitEthernet1/0/1] port link-type trunk
[*PE-GigabitEthernet1/0/1] port trunk allow-pass vlan 2
[*PE-GigabitEthernet1/0/1] commit
[~PE-GigabitEthernet1/0/1] quit
[~PE] interface gigabitethernet 1/0/2
[~PE-GigabitEthernet1/0/2] portswitch
[*PE-GigabitEthernet1/0/2] undo shutdown
[*PE-GigabitEthernet1/0/2] port link-type trunk
[*PE-GigabitEthernet1/0/2] port trunk allow-pass vlan 3
[*PE-GigabitEthernet1/0/2] commit
[~PE-GigabitEthernet1/0/2] quit
2. Create a super-VLAN and add sub-VLANs to the super-VLAN.
[~PE] vlan 4
[*PE-vlan4] aggregate-vlan
[*PE-vlan4] access-vlan 2 to 3
[*PE-vlan4] commit
[~PE-vlan4] quit
3. Create a VLANIF interface for the super-VLAN and assign an IP address to the
VLANIF interface.
[~PE] interface vlanif 4
[*PE-vlanif4] ip address 10.1.1.12 24
[*PE-vlanif4] commit
After the preceding configurations, you can configure IP addresses as shown
in Figure 2-4 to Hosts. IP address of Hosts and the VLANIF interface are on
the same network segment.
If the configuration succeeds, IP addresses of Hosts used by employees in
different VLANs and the switch can ping each other; IP addresses of Hosts
used by employees in VLAN2 and VLAN3 cannot ping each other.
Step 3 Enable ARP proxy on the VLANIF interface of the super-VLAN and between sub-
VLANs.
[~PE-vlanif4] arp-proxy inter-sub-vlan-proxy enable
[*PE-vlanif4] commit
[~PE-vlanif4] quit
Step 4 Verify the configuration.
After the configuration, IP addresses of Hosts used by employees in VLAN2 and
VLAN3 can ping each other.
----End
Configuration Files
● CE1 configuration file
#
sysname CE1
#
vlan batch 2
#
interface GigabitEthernet1/0/1
portswitch
undo shutdown
port link-type access
port default vlan 2
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 40
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
#
interface GigabitEthernet1/0/2
portswitch
undo shutdown
port link-type access
port default vlan 2
#
interface GigabitEthernet1/0/3
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 2
#
return
● Configuration file of the CE2
#
sysname CE2
#
vlan batch 3
#
interface GigabitEthernet1/0/1
portswitch
undo shutdown
port link-type access
port default vlan 3
#
interface GigabitEthernet1/0/2
portswitch
undo shutdown
port link-type access
port default vlan 3
#
interface GigabitEthernet1/0/3
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 3
#
return
● Configuration file of the PE
#
sysname PE
#
vlan batch 2 to 4
#
vlan 4
aggregate-vlan
access-vlan 2 to 3
#
interface Vlanif4
ip address 10.1.1.12 255.255.255.0
arp-proxy enable
arp-proxy inter-sub-vlan-proxy enable
#
interface GigabitEthernet1/0/1
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 2
#
interface GigabitEthernet1/0/2
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 3
#
return
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 41
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
2.16.5 Example for Configuring Local Proxy ARP
This section provides an example for configuring local proxy ARP to allow two
isolated member interfaces in a BD to intercommunicate in an EVC scenario.
Networking Requirements
In the EVC model, after receiving packets, the member interfaces of a BD
broadcast these packets in the BD. To reduce broadcast operations, network
administrators usually configure split horizon on the member interfaces that do
not need to intercommunicate to isolate these member interfaces.
As shown in Figure 2-5, network administrators have configured split horizon on
PEs to isolate Host A and Host B. As user services develop, however, Host A and
Host B need to intercommunicate some day. To resolve this problem, network
administrators need to enable local proxy ARP on VBDIF interfaces to allow Host A
and Host B to intercommunicate.
Figure 2-5 Configuring local proxy ARP
Interface 1 and interface 2 in this example represent GE 1/0/1 and GE 1/0/2 respectively.
Precautions
After local proxy ARP is enabled, all users in the BD can intercommunicate. To
allow only specific users in a BD to intercommunicate, running the undo split-
horizon enable command on these member interfaces that need
intercommunicate to disable split horizon is recommended.
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 42
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure Layer 2 forwarding on the CE.
a. Create a VLAN on the CE and add the downstream interface of the CE to
the VLAN.
b. Configure Layer 2 forwarding on the CE so that the CE send single-
tagged packets to the PE.
2. Create an EVC model on the PE.
a. Configure a BD to forward services.
b. Create a Layer 2 sub-interface, add it to the BD, and configure traffic
encapsulation on the downstream interface to ensure that services access
the service access point.
c. Configure split horizon in the BD to isolate Host A and Host B.
3. Configure local proxy ARP on the PE.
a. Create a VBDIF interface and assign an IP address to it.
b. Enable local proxy ARP to allow Host A and Host B to intercommunicate.
Data Preparation
To complete the configuration, you need the following data:
● User VLAN ID
● Number of interfaces that connect the CEs and connect the CE to PE
● BD ID, traffic encapsulation type, and traffic behavior
● VBDIF interface number and IP address
Procedure
Step 1 Configure Layer 2 forwarding on the CE.
# Configure CE1.
<HUAWEI> system-view
[~HUAWEI] sysname CE1
[*HUAWEI] commit
[~CE1] vlan 10
[*CE1-vlan10] quit
[*CE1] interface gigabitethernet 1/0/1
[*CE1-GigabitEthernet1/0/1] undo shutdown
[*CE1-GigabitEthernet1/0/1] portswitch
[*CE1-GigabitEthernet1/0/1] port link-type access
[*CE1-GigabitEthernet1/0/1] port default vlan 10
[*CE1-GigabitEthernet1/0/1] quit
[*CE1] interface gigabitethernet 1/0/2
[*CE1-GigabitEthernet1/0/2] undo shutdown
[*CE1-GigabitEthernet1/0/2] portswitch
[*CE1-GigabitEthernet1/0/2] port link-type trunk
[*CE1-GigabitEthernet1/0/2] port trunk allow-pass vlan 10
[*CE1-GigabitEthernet1/0/2] commit
[~CE1-GigabitEthernet1/0/2] quit
# Configure CE2.
<HUAWEI> system-view
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 43
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
[~HUAWEI] sysname CE2
[*HUAWEI] commit
[~CE2] vlan 10
[*CE2-vlan10] quit
[*CE2] interface gigabitethernet 1/0/1
[*CE2-GigabitEthernet1/0/1] undo shutdown
[*CE2-GigabitEthernet1/0/1] portswitch
[*CE2-GigabitEthernet1/0/1] port link-type access
[*CE2-GigabitEthernet1/0/1] port default vlan 10
[*CE2-GigabitEthernet1/0/1] quit
[*CE2] interface gigabitethernet 1/0/2
[*CE2-GigabitEthernet1/0/2] undo shutdown
[*CE2-GigabitEthernet1/0/2] portswitch
[*CE2-GigabitEthernet1/0/2] port link-type trunk
[*CE2-GigabitEthernet1/0/2] port trunk allow-pass vlan 10
[*CE2-GigabitEthernet1/0/2] commit
[~CE2-GigabitEthernet1/0/2] quit
Step 2 Create an EVC model on the PE.
# Create a BD.
<HUAWEI> system-view
[~HUAWEI] sysname PE
[*HUAWEI] commit
[~PE] bridge-domain 10
[*PE-bd10] quit
# Create a Layer 2 sub-interface, add it to the BD, and configure traffic
encapsulation on the downstream interface.
[*PE] interface gigabitethernet 1/0/1
[*PE-GigabitEthernet1/0/1] undo shutdown
[*PE-GigabitEthernet1/0/1] quit
[*PE] interface gigabitethernet 1/0/1.1 mode l2
[*PE-GigabitEthernet1/0/1.1] encapsulation dot1q vid 10
[*PE-GigabitEthernet1/0/1.1] rewrite pop single
[*PE-GigabitEthernet1/0/1.1] bridge-domain 10
[*PE-GigabitEthernet1/0/1.1] commit
[~PE-GigabitEthernet1/0/1] quit
[~PE] interface gigabitethernet 1/0/2
[~PE-GigabitEthernet1/0/2] undo shutdown
[*PE-GigabitEthernet1/0/2] quit
[*PE] interface gigabitethernet 1/0/2.1 mode l2
[*PE-GigabitEthernet1/0/2.1] encapsulation dot1q vid 10
[*PE-GigabitEthernet1/0/2.1] rewrite pop single
[*PE-GigabitEthernet1/0/2.1] bridge-domain 10
[*PE-GigabitEthernet1/0/2.1] commit
[~PE-GigabitEthernet1/0/2] quit
# Ping the IP address of Host B on Host A. The ping operation succeeds.
c:\>ping 10.110.10.2
Pinging 10.110.10.2 with 32 bytes of data:
Reply from 10.110.10.2: bytes=32 time<1ms TTL=128
Reply from 10.110.10.2: bytes=32 time<1ms TTL=128
Reply from 10.110.10.2: bytes=32 time<1ms TTL=128
Reply from 10.110.10.2: bytes=32 time<1ms TTL=128
Ping statistics for 10.110.10.2:
Packets: Sent = 4, Received = 4, Lost = 0 <0% loss>,
Approximate round trip times in mill-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
# Configure split horizon in the BD.
[~PE] bridge-domain 10
[*PE-bd-10] split-horizon enable
[*PE-bd-10] quit
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 44
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
[*PE] commit
# Ping the IP address of Host B on Host A. The ping operation fails.
c:\>ping 10.110.10.2
Pinging 10.110.10.2 with 32 bytes of data:
Request timed out.
Request timed out.
Request timed out.
Request timed out.
Ping statistics for 10.110.10.2:
Pacets: Sent = 4, Received = 0, Lost = 4 <100% loss>,
Step 3 Configure local proxy ARP on the PE.
# Create a VBDIF interface and assign an IP address to it.
[~PE] interface vbdif 10
[*PE-Vbdif10] ip address 10.110.10.3 255.255.255.0
# Enable local proxy ARP.
[*PE-Vbdif10] arp-proxy local enable
[*PE-Vbdif10] commit
Step 4 Verify the configuration.
After the preceding configuration is complete, ping the IP address of Host B on
Host A. The ping operation succeeds.
c:\>ping 10.110.10.2
Pinging 10.110.10.2 with 32 bytes of data:
Reply from 10.110.10.2: bytes=32 time<1ms TTL=128
Reply from 10.110.10.2: bytes=32 time<1ms TTL=128
Reply from 10.110.10.2: bytes=32 time<1ms TTL=128
Reply from 10.110.10.2: bytes=32 time<1ms TTL=128
Ping statistics for 10.110.10.2:
Packets: Sent = 4, Received = 4, Lost = 0 <0% loss>,
Approximate round trip times in mill-seconds:
Minimum = 0ms, Maximum = 0ms, Average = 0ms
The display bridge-domain command output shows information about the BD to
which the Layer 2 sub-interface is added.
[~PE] display bridge-domain
The total number of bridge-domains is : 1
--------------------------------------------------------------------------------
MAC_LRN: MAC learning; STAT: Statistics; SPLIT: Split-horizon;
BC: Broadcast; MC: Unknown multicast; UC: Unknown unicast;
*down: Administratively down; FWD: Forward; DSD: Discard;
--------------------------------------------------------------------------------
BDID State MAC-LRN STAT BC MC UC SPLIT Description
--------------------------------------------------------------------------------
10 up enable disable FWD FWD FWD enable
----End
Configuration Files
● PE configuration file
#
sysname PE
#
vlan batch 10
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 45
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
#
bridge-domain 10
split-horizon enable
#
interface Vbdif10
undoshutdown
ip address 10.110.10.3 255.255.255.0
arp-proxy local enable
#
interface GigabitEthernet1/0/1
undo shutdown
#
interface GigabitEthernet1/0/1.1 mode l2
encapsulation dot1q vid 10
rewrite pop single
bridge-domain 10
#
interface GigabitEthernet1/0/2
undo shutdown
#
interface GigabitEthernet1/0/2.1 mode l2
encapsulation dot1q vid 10
rewrite pop single
bridge-domain 10
#
return
● CE1 configuration file
#
sysname CE1
#
vlan batch 10
#
interface GigabitEthernet1/0/1
portswitch
undo shutdown
port link-type access
port default vlan 10
#
interface GigabitEthernet1/0/2
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
return
● CE2 configuration file
#
sysname CE1
#
vlan batch 10
#
interface GigabitEthernet1/0/1
portswitch
undo shutdown
port link-type access
port default vlan 10
#
interface GigabitEthernet1/0/2
portswitch
undo shutdown
port link-type trunk
port trunk allow-pass vlan 10
#
return
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 46
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
2.16.6 Example for Configuring Association Between ARP and
Interface Status
This section describes how to configure association between ARP and interface
status.
Networking Requirements
On the network shown in Figure 2-6, DeviceA and DeviceB are connected over a
switch. If the link between DeviceA and the switch works properly, the link
between DeviceB and the switch becomes faulty. If both the physical status and
protocol status of interface 1 on DeviceA are up, DeviceA does not get aware of
the link fault between DeviceB and the switch. Instead, DeviceA still sends packets
to DeviceB over the switch. The packets, however, are discarded by the switch.
Then, association between ARP and interface status is enabled on DeviceA to
detect the status of interface 1 on DeviceB. In this manner, DeviceA rapidly adjusts
the status of interface 1 based on the status of the link between DeviceB and the
switch.
Figure 2-6 Configuring association between ARP and interface status
Interface 1 in this example represents GigabitEthernet 1/0/1.
Configuration Roadmap
The configuration roadmap is as follows:
1. Configure an IP address for the interface.
2. Enable association between ARP and interface status.
Data Preparation
To complete the configuration, you need the following data:
● Interface IP addresses
● Destination IP address of the ARP probe messages sent by the interface
Procedure
Step 1 Configure an IP address for the interface.
# Configure DeviceA.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceA
[*HUAWEI] commit
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 47
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
[~DeviceA] interface gigabitethernet 1/0/1
[~DeviceA-GigabitEthernet1/0/1] ip address 10.1.1.1 255.255.255.0
[*DeviceA-GigabitEthernet1/0/1] undo shutdown
[*DeviceA-GigabitEthernet1/0/1] commit
[~DeviceA-GigabitEthernet1/0/1] quit
# Configure DeviceB.
<HUAWEI> system-view
[~HUAWEI] sysname DeviceB
[*HUAWEI] commit
[~DeviceB] interface gigabitethernet 1/0/1
[~DeviceB-GigabitEthernet1/0/1] ip address 10.1.1.2 255.255.255.0
[*DeviceB-GigabitEthernet1/0/1] undo shutdown
[*DeviceB-GigabitEthernet1/0/1] commit
[~DeviceB-GigabitEthernet1/0/1] quit
# Run the ping command on DeviceA and ensure that GigabitEthernet 1/0/1 on
DeviceB is reachable.
[~DeviceA] ping 10.1.1.2
PING 10.1.1.2: 56 data bytes, press CTRL_C to break
Reply from 10.1.1.2: bytes=56 Sequence=1 ttl=255 time=62 ms
Reply from 10.1.1.2: bytes=56 Sequence=2 ttl=255 time=1 ms
Reply from 10.1.1.2: bytes=56 Sequence=3 ttl=255 time=1 ms
Reply from 10.1.1.2: bytes=56 Sequence=4 ttl=255 time=2 ms
Reply from 10.1.1.2: bytes=56 Sequence=5 ttl=255 time=2 ms
--- 10.1.1.2 ping statistics ---
5 packet(s) transmitted
5 packet(s) received
0.00% packet loss
round-trip min/avg/max = 1/13/62 ms
# Run the display interface command on both DeviceA and DeviceB to view the
status of GigabitEthernet 1/0/1 and check that both the physical status and
protocol status of the interface are up.
[~DeviceA] display interface gigabitethernet 1/0/1
GigabitEthernet1/0/1 current state : UP (ifindex: 9)
Line protocol current state : UP
Last line protocol up time : 2018-01-24 11:03:06
Link quality grade : GOOD
Description:
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.1.1.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc21-0302
Loopback:none, LAN full-duplex mode, Pause Flowcontrol: Receive Enable and Send Enable
Last physical up time : 2018-01-24 09:00:21
Last physical down time : 2018-01-24 08:58:14
Current system time: 2018-01-24 11:22:58
Statistics last cleared:never
Last 300 seconds input rate: 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bits/sec, 0 packets/sec
Input peak rate 0 bits/sec, Record time: -
Output peak rate 0 bits/sec, Record time: -
Input: 0 bytes, 1254 packets
Output: 0 bytes, 1261 packets
Input:
Unicast: 10 packets, Multicast: 46 packets
Broadcast: 1198 packets, JumboOctets: 0 packets
CRC: 0 packets, Symbol: 0 packets
Overrun: 0 packets, InRangeLength: 0 packets
LongPacket: 0 packets, Jabber: 0 packets, Alignment: 0 packets
Fragment: 0 packets, Undersized Frame: 0 packets
RxPause: 0 packets
Output:
Unicast: 11 packets, Multicast: 46 packets
Broadcast: 1204 packets, JumboOctets: 0 packets
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 48
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Lost: 0 packets, Overflow: 0 packets, Underrun: 0 packets
System: 0 packets, Overruns: 0 packets
TxPause: 0 packets
Last 300 seconds input utility rate: 0.00%
Last 300 seconds output utility rate: 0.00%
[~DeviceB] display interface gigabitethernet 1/0/1
GigabitEthernet1/0/1 current state : UP (ifindex: 9)
Line protocol current state : UP
Last line protocol up time : 2018-01-24 11:03:28
Link quality grade : GOOD
Description:
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.1.1.2/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc41-0302
Loopback:none, LAN full-duplex mode, Pause Flowcontrol: Receive Enable and Send Enable
Last physical up time : 2018-01-24 09:00:22
Last physical down time : 2018-01-24 09:00:21
Current system time: 2018-01-24 11:23:25
Statistics last cleared:never
Last 300 seconds input rate: 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bits/sec, 0 packets/sec
Input peak rate 0 bits/sec, Record time: -
Output peak rate 0 bits/sec, Record time: -
Input: 0 bytes, 1262 packets
Output: 0 bytes, 1255 packets
Input:
Unicast: 11 packets, Multicast: 47 packets
Broadcast: 1204 packets, JumboOctets: 0 packets
CRC: 0 packets, Symbol: 0 packets
Overrun: 0 packets, InRangeLength: 0 packets
LongPacket: 0 packets, Jabber: 0 packets, Alignment: 0 packets
Fragment: 0 packets, Undersized Frame: 0 packets
RxPause: 0 packets
Output:
Unicast: 10 packets, Multicast: 47 packets
Broadcast: 1198 packets, JumboOctets: 0 packets
Lost: 0 packets, Overflow: 0 packets, Underrun: 0 packets
System: 0 packets, Overruns: 0 packets
TxPause: 0 packets
Last 300 seconds input utility rate: 0.00%
Last 300 seconds output utility rate: 0.00%
Step 2 Simulate an interface fault.
# Run the shutdown command on GigabitEthernet 1/0/1 of DeviceB.
[~DeviceB] interface gigabitethernet 1/0/1
[~DeviceB-GigabitEthernet1/0/1] shutdown
[*DeviceB-GigabitEthernet1/0/1] commit
[~DeviceB-GigabitEthernet1/0/1] quit
# Run the display interface command on DeviceA to view the status of
GigabitEthernet 1/0/1 and check that both the physical status and protocol status
of the interface are Up.
[~DeviceA] display interface gigabitethernet 1/0/1
GigabitEthernet1/0/1 current state : UP (ifindex: 9)
Line protocol current state : UP
Last line protocol up time : 2018-01-24 11:03:06
Link quality grade : GOOD
Description:
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.1.1.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc21-0302
Loopback:none, LAN full-duplex mode, Pause Flowcontrol: Receive Enable and Send Enable
Last physical up time : 2018-01-24 09:00:21
Last physical down time : 2018-01-24 08:58:14
Current system time: 2018-01-24 11:25:18
Statistics last cleared:never
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 49
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Last 300 seconds input rate: 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bits/sec, 0 packets/sec
Input peak rate 0 bits/sec, Record time: -
Output peak rate 0 bits/sec, Record time: -
Input: 0 bytes, 1254 packets
Output: 0 bytes, 1261 packets
Input:
Unicast: 10 packets, Multicast: 46 packets
Broadcast: 1198 packets, JumboOctets: 0 packets
CRC: 0 packets, Symbol: 0 packets
Overrun: 0 packets, InRangeLength: 0 packets
LongPacket: 0 packets, Jabber: 0 packets, Alignment: 0 packets
Fragment: 0 packets, Undersized Frame: 0 packets
RxPause: 0 packets
Output:
Unicast: 11 packets, Multicast: 46 packets
Broadcast: 1204 packets, JumboOctets: 0 packets
Lost: 0 packets, Overflow: 0 packets, Underrun: 0 packets
System: 0 packets, Overruns: 0 packets
TxPause: 0 packets
Last 300 seconds input utility rate: 0.00%
Last 300 seconds output utility rate: 0.00%
# Run the ping command on DeviceA and ensure that GigabitEthernet1/0/1 on
DeviceB is reachable.
[~DeviceA] ping 10.1.1.2
PING 10.1.1.2: 56 data bytes, press CTRL_C to break
Request time out
Request time out
Request time out
Request time out
Request time out
--- 10.1.1.2 ping statistics ---
5 packet(s) transmitted
0 packet(s) received
100.00% packet loss
Step 3 Enable association between ARP and interface status on DeviceA.
# Enable the interface on DeviceA to send ARP probe messages.
[~DeviceA] interface gigabitethernet 1/0/1
[~DeviceA-GigabitEthernet1/0/1] arp status-detect 10.1.1.2
[*DeviceA-GigabitEthernet1/0/1] commit
[~DeviceA-GigabitEthernet1/0/1] quit
Step 4 Check the configurations.
# After the detection period elapses, the physical status of GigabitEthernet 1/0/1
of DeviceA becomes Up and the protocol status becomes Down.
[~DeviceA] display interface gigabitethernet 1/0/1
GigabitEthernet1/0/1 current state : UP (ifindex: 9)
Line protocol current state : DOWN
Link quality grade : GOOD
Description:
Route Port,The Maximum Transmit Unit is 1500
Internet Address is 10.1.1.1/24
IP Sending Frames' Format is PKTFMT_ETHNT_2, Hardware address is 00e0-fc21-0302
Loopback:none, LAN full-duplex mode, Pause Flowcontrol: Receive Enable and Send Enable
Last physical up time : 2018-01-24 12:03:24
Last physical down time : 2018-01-24 11:40:45
Current system time: 2018-01-24 12:06:25
Statistics last cleared:never
Last 300 seconds input rate: 0 bits/sec, 0 packets/sec
Last 300 seconds output rate: 0 bits/sec, 0 packets/sec
Input peak rate 0 bits/sec, Record time: -
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 50
HUAWEI NetEngine 8000 X Series Router
Configuration Guide - IP Services 2 ARP Configuration
Output peak rate 0 bits/sec, Record time: -
Input: 0 bytes, 1354 packets
Output: 0 bytes, 1370 packets
Input:
Unicast: 64 packets, Multicast: 91 packets
Broadcast: 1199 packets, JumboOctets: 0 packets
CRC: 0 packets, Symbol: 0 packets
Overrun: 0 packets, InRangeLength: 0 packets
LongPacket: 0 packets, Jabber: 0 packets, Alignment: 0 packets
Fragment: 0 packets, Undersized Frame: 0 packets
RxPause: 0 packets
Output:
Unicast: 12 packets, Multicast: 90 packets
Broadcast: 1268 packets, JumboOctets: 0 packets
Lost: 0 packets, Overflow: 0 packets, Underrun: 0 packets
System: 0 packets, Overruns: 0 packets
TxPause: 0 packets
Last 300 seconds input utility rate: 0.00%
Last 300 seconds output utility rate: 0.00%
----End
Configuration Files
● DeviceA configuration file
#
sysname DeviceA
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 10.1.1.1 255.255.255.0
arp status-detect 10.1.1.2
#
return
● DeviceB configuration file
#
sysname DeviceB
#
interface GigabitEthernet1/0/1
undo shutdown
ip address 10.1.1.2 255.255.255.0
#
return
Issue 04 (2020-04-30) Copyright © Huawei Technologies Co., Ltd. 51
You might also like
- Configuring Address Resolution Protocol Options: Finding Feature InformationNo ratings yetConfiguring Address Resolution Protocol Options: Finding Feature Information20 pages
- NetEngine 8000 M14, M8 and M4 V800R023C00SPC500 Configuration Guide 07 IP ServicesNo ratings yetNetEngine 8000 M14, M8 and M4 V800R023C00SPC500 Configuration Guide 07 IP Services751 pages
- NE9000 V800R023C00SPC500 Configuration Guide 07 IP ServicesNo ratings yetNE9000 V800R023C00SPC500 Configuration Guide 07 IP Services483 pages
- HC110110005 Address Resolution ProtocolNo ratings yetHC110110005 Address Resolution Protocol15 pages
- Address Resolution Protocol (ARP) 20250705 145616 0000No ratings yetAddress Resolution Protocol (ARP) 20250705 145616 00003 pages
- Understanding ARP and MAC in NetworkingNo ratings yetUnderstanding ARP and MAC in Networking32 pages
- Cisco CCNA Lab 9.8.1 Address Resolution Protocol ARPNo ratings yetCisco CCNA Lab 9.8.1 Address Resolution Protocol ARP8 pages
- Configuring Address Resolution Protocol Options: First Published: May 2, 2005 Last Updated: May 2, 2008No ratings yetConfiguring Address Resolution Protocol Options: First Published: May 2, 2005 Last Updated: May 2, 200822 pages
- ARP Unveiling The Hidden Logic of NetworkingNo ratings yetARP Unveiling The Hidden Logic of Networking10 pages
- DCN - Assignment-3 - Complex Engineering Problem1No ratings yetDCN - Assignment-3 - Complex Engineering Problem19 pages
- Difference Between Logical Address (IP Address) and Physical Address (MAC Address)No ratings yetDifference Between Logical Address (IP Address) and Physical Address (MAC Address)16 pages
- IP Addressing: NHRP Configuration Guide, Cisco IOS Release 12.4TNo ratings yetIP Addressing: NHRP Configuration Guide, Cisco IOS Release 12.4T56 pages
- Configuration Guide - IP Service (V200R002C00 - 01)No ratings yetConfiguration Guide - IP Service (V200R002C00 - 01)227 pages
- HC110110005 Address Resolution ProtocolNo ratings yetHC110110005 Address Resolution Protocol15 pages
- Web Technology and Commerce Unit-1 by Arun Pratap SinghNo ratings yetWeb Technology and Commerce Unit-1 by Arun Pratap Singh38 pages
- Configuration Guide - MPLS (V600R003C00 - 02)No ratings yetConfiguration Guide - MPLS (V600R003C00 - 02)642 pages
- Configuration Guide - MPLS (V600R003C00 - 02)No ratings yetConfiguration Guide - MPLS (V600R003C00 - 02)642 pages
- HP 830 Series PoE+ Unified Wired-WLAN Layer 3 Configuration GuideNo ratings yetHP 830 Series PoE+ Unified Wired-WLAN Layer 3 Configuration Guide152 pages
- HP 5120 EI Switch Series Layer 3 - IP Services100% (1)HP 5120 EI Switch Series Layer 3 - IP Services189 pages
- Mapping Internet Addresses To Physical Addresses (ARP)100% (1)Mapping Internet Addresses To Physical Addresses (ARP)27 pages
- Acceptance Test Guide: Operation AppendixesNo ratings yetAcceptance Test Guide: Operation Appendixes14 pages
- Colombia - WOM - IP - Training Proposal - 02092020No ratings yetColombia - WOM - IP - Training Proposal - 0209202033 pages
- Connectivity Planning of IP Bearer Network ISSUE 1.00No ratings yetConnectivity Planning of IP Bearer Network ISSUE 1.0067 pages
- IP Traffic Monitoring Configuration: About This ChapterNo ratings yetIP Traffic Monitoring Configuration: About This Chapter2 pages
- NetEngine 8000 X V800R012C00SPC300 Configuration Guide - VPN 04No ratings yetNetEngine 8000 X V800R012C00SPC300 Configuration Guide - VPN 042,935 pages
- NetEngine 8000 X V800R012C00SPC300 Configuration Guide - System Monitor 04No ratings yetNetEngine 8000 X V800R012C00SPC300 Configuration Guide - System Monitor 04513 pages
- Huawei - Training Description For Enterprise NetworkNo ratings yetHuawei - Training Description For Enterprise Network344 pages
- 10G SFP+ Passive Copper Twinax Cable (PCC) : Application FeaturesNo ratings yet10G SFP+ Passive Copper Twinax Cable (PCC) : Application Features12 pages
- Icom Ic-706Mkiig Mods and Tips: Page IndexNo ratings yetIcom Ic-706Mkiig Mods and Tips: Page Index15 pages
- CCIE Service Provider v5.0 Bootcamp WorkbookNo ratings yetCCIE Service Provider v5.0 Bootcamp Workbook60 pages
- Geminiano, Josef Carl Mikhail D. - NEC 3203 & 1ECNo ratings yetGeminiano, Josef Carl Mikhail D. - NEC 3203 & 1EC13 pages
- Network Monitoring Software - Network Management Software - OpManagerNo ratings yetNetwork Monitoring Software - Network Management Software - OpManager7 pages
- AZ-104 Dumps Microsoft Azure Administrator (Beta)100% (1)AZ-104 Dumps Microsoft Azure Administrator (Beta)14 pages
- Tax Invoice Cum Acknowledgement Receipt of TAN Application (Form 49B)No ratings yetTax Invoice Cum Acknowledgement Receipt of TAN Application (Form 49B)1 page
- Hide Solution Discussion: Correct Answer: BNo ratings yetHide Solution Discussion: Correct Answer: B22 pages
- Apple Computer, Inc.'S Reply in Support of Its Motion For Summary Judgment of InvalidityNo ratings yetApple Computer, Inc.'S Reply in Support of Its Motion For Summary Judgment of Invalidity21 pages