Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
509
Views
0
Helpful
2
Replies

Nexus 5K - Locking down HSRP ARP/MAC?

Go to solution
Lee Smitherman
Level 1
Level 1

‎03-07-2013 07:45 AM - edited ‎03-07-2019 12:06 PM

Hi,

Had a Sev 1 issue today.  We have a bunch of Nexus 5ks connecting to some HP C7000 Chassis for the use of Virual environments.  Engineers build and tear down servers during the day, however today, an engineer configured a virtual machine accidently with its IP address as the default gateway.  Each pair of nexus switches has one physical SVI per vlan and a HSRP address for the vlan.  Of course this engineer configuring the server IP address as the HSRP address killed the vlan... which lead me onto think... are they are tried and tested techniques to protect this from happening on the switch.  Enforcing the ARP/MAC of the HSRP address and not allowing it to change or any other device to change it?

All thoughts appreciated...

Lee.

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Gregory Snipes
Level 4
Level 4

‎03-07-2013 07:59 AM

I think you are looking for dynamic ARP inspection. Here is a sheet about configuring it in the Nexus 5000.

Best Regards,

Greg

View solution in original post

0 Helpful
2 Replies 2

Go to solution
Gregory Snipes
Level 4
Level 4

‎03-07-2013 07:59 AM

I think you are looking for dynamic ARP inspection. Here is a sheet about configuring it in the Nexus 5000.

Best Regards,

Greg

0 Helpful

Go to solution
Lee Smitherman
Level 1
Level 1

‎03-08-2013 12:36 AM

Spot on!

Thanks very much! Lee.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card