Help us improve your experience.

Let us know what you think.

Do you have time for a two-minute survey?

 
 

Monitoring Port Security

Purpose

Note:

This topic applies only to the J-Web Application package.

Use the monitoring functionality to view these port security details:

  • DHCP snooping database for a VLAN or all VLANs

  • ARP inspection details for all interfaces

Action

To monitor port security in the J-Web interface, select Monitor > Security > Port Security.

To monitor and manipulate the DHCP snooping database and ARP inspection statistics in the CLI, enter the following commands:

  • show dhcp snooping binding

  • clear dhcp snooping binding—In addition to clearing the whole database, you can clear database entries for specified VLANs or MAC addresses.

  • show arp inspection statistics

  • clear arp inspection statistics

Note:

On EX4300 switches, to monitor and manipulate the DHCP snooping database and ARP inspection statistics in the CLI, enter the following commands:

  • show dhcp-security binding

  • clear dhcp-security binding—In addition to clearing the whole database, you can clear database entries for specified VLANs or IP Address.

  • show dhcp-security arp inspection statistics

  • clear arp inspection statistics

Meaning

The J-Web Port Security Monitoring page comprises two sections:

  • DHCP Snooping Details—Displays the DHCP snooping database for all the VLANs for which DHCP snooping is enabled. To view the DHCP snooping database for a specific VLAN, select the specific VLAN from the list.

  • ARP Inspection Details—Displays the ARP inspection details for all interfaces. The information includes details of the number of packets that passed ARP inspection and the number of packets that failed the inspection. The pie chart graphically represents these statistics when you select an interface. To view ARP inspection statistics for a specific interface, select the interface from the list.

You can use the following options on the page to clear DHCP snooping and ARP inspection details:

  • Clear All—Clears the DHCP snooping database, either for all VLANs if the option ALL has been selected in the Select VLANs list or for the specific VLAN that has been selected in that list.

  • Clear—Deletes a specific IP address from the DHCP snooping database.

To clear ARP inspection details on the page, click Clear All in the ARP inspection details section.

Note:

Clear All button in the ARP inspection details section is not supported on EX4300 switches.

Use the CLI commands to show and clear DHCP snooping database and ARP inspection statistics details.