Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
409
Views
0
Helpful
3
Replies

dai ip arp inspection limit

Jeff Van Houten
Level 5
Level 5

‎02-01-2013 04:48 AM - edited ‎03-07-2019 11:27 AM

We are using dai and the default limit of 15 pps is setting the port to err disable when the users are doing nothing more than using windows explorer to look through file shares. Does anyone have any recommendations as to what a reasonable limit would be?

Sent from Cisco Technical Support iPad App

Labels:
0 Helpful
3 Replies 3

Peter Paluch
Cisco Employee
Cisco Employee

‎02-04-2013 08:55 AM

Hello Jeff,

I wonder - what is the port that gets err-disabled connected to? Is it a common end host (perhaps a Windows workstation), or is there any kind of aggregation present - another switch perhaps? I do not think that receiving more than 15 ARP messages in a second from a single host is normal. I would believe, though, that the port gets err-disabled if it is a kind of uplink for multiple stations on which the ARP messages aggregate.

Best regards,

Peter

0 Helpful

Jeff Van Houten
Level 5
Level 5
In response to Peter Paluch

‎02-04-2013 09:50 AM

No these are just pcs. It happened to 3 different systems on Friday including mine.

I turned off proxy-arp on the Vlans allowed for these ports and re-enabled dai. I've yet to see an err-disable this morning so maybe that took care of it.

Sent from Cisco Technical Support iPad App

0 Helpful

Peter Paluch
Cisco Employee
Cisco Employee
In response to Jeff Van Houten

‎02-04-2013 11:44 AM

Hello Jeff,

Hmmm... Okay. Turning off the ProxyARP was a wise step to do. Let's see if that helps - somehow.

Best regards,

Peter

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card