DAI in a DHCP Environment
As mentioned earlier, DAI relies on the entries in the DHCP concern bounden database to verify IP-to-MAC
address bindings. Configure anniversary defended interface as trusted application the ip arp analysis assurance interface
configuration command. The trusted interfaces bypass the ARP analysis validation checks, and all other
packets are accountable to analysis back they access on untrusted interfaces.
Enable DAI on a per-VLAN base by application the ip arp analysis vlan [vlan-range] command from the global
configuration command.
Example 4-11 shows how to configure an interface as trusted and how to accredit DAI for VLANs 5 through 10.
Example 4-11. DAI in a DHCP Environment Configuration Example
Switch(config)# interface GigabitEthernet1/0/1
Switch(config-if)# ip arp analysis trust
Switch(config)# ip arp analysis vlan 5-10