DAI in a Non-DHCP Environment
In non-DHCP environments, because there is no DHCP concern bounden database, the DAI can validate ARP
packets adjoin a user-defined ARP ACL to map hosts with a statically configured IP abode to their MAC
address.
Use the arp access-list [acl-name] command from the all-around agreement approach on the about-face to ascertain an
ARP ACL and administer the ARP ACL to the defined VLANs on the switch.
Example 4-12 shows how to configure an ARP ACL to admittance ARP packets from host IP abode 10.1.1.11 with
MAC abode 0011.0011.0011 and how to administer this ACL to VLAN 5 with the interface configured as untrusted.
Example 4-12. DAI in a Non-DHCP Environment Agreement Example
Switch(config)# arp access-list arpacl
Switch(config-arp-acl)# admittance ip host 10.1.1.11 mac host 0011.0011.0011
Switch(config-arp-acl)# exit
Switch(config)# ip arp analysis clarify arpacl vlan 5
Switch(config)# interface GigabitEthernet1/0/2
Switch(config-if)# no ip arp analysis trust
Use the appearance ip arp analysis vlan [vlan# or range] command to verify the configuration.