Monitoring Port Security
Purpose
Use the monitoring functionality to view these port security details:
- DHCP snooping database for a VLAN or all VLANs
- ARP inspection details for all interfaces
Action
To monitor port security in the J-Web interface, select Monitor > Security > Port Security.
To monitor and manipulate the DHCP snooping database and ARP inspection statistics in the CLI, enter the following commands:
- show dhcp snooping binding
- clear dhcp snooping binding—In addition to clearing the whole database, you can clear database entries for specified VLANs or MAC addresses.
- show arp inspection statistics
- clear arp inspection statistics
Meaning
The J-Web Port Security Monitoring page comprises two sections:
- DHCP Snooping—Displays the DHCP snooping database for all the VLANs for which DHCP snooping is enabled. To view the DHCP snooping database for a specific VLAN, select the specific VLAN from the list.
- ARP Inspection—Displays the ARP inspection details for all interfaces. The information includes details of the number of packets that passed ARP inspection and the number of packets that failed the inspection. The pie chart graphically represents these statistics when you select an interface. To view ARP inspection statistics for a specific interface, select the interface from the list.
You have the following options on the page:
- Clear ALL—Clears the DHCP snooping database, either for all VLANs if the option ALL has been selected in the Select VLANs list or for the specific VLAN that has been selected in that list.
- Clear—Deletes a specific IP address from the DHCP snooping database.
To clear ARP statistics on the page, click Clear All in the ARP Statistics section.
Use the CLI commands to show and clear DHCP snooping database and ARP inspection statistics details.