Судя по логам IMPB блокировка работает несколько неверно:
Код:
Index Time Log Text
----- -------------------- ------------------------------------------
500 Aug 7 14:38:38 :IMPB-4:Unathenticated IP-MAC address and discarded by ip mac port binding (IP: 10.0.X.X, MAC: 94-DE-80-XX-XX-XX, Port: 4)
499 Aug 7 14:38:38 :IMPB-4:Unathenticated IP-MAC address and discarded by ip mac port binding (IP: 10.0.X.X, MAC: 94-DE-80-XX-XX-XX, Port: 4)
498 Aug 7 14:38:37 :IMPB-4:Unathenticated IP-MAC address and discarded by ip mac port binding (IP: 10.0.X.X, MAC: 94-DE-80-XX-XX-XX, Port: 4)
497 Aug 7 14:38:37 :IMPB-4:Unathenticated IP-MAC address and discarded by ip mac port binding (IP: 10.0.X.X, MAC: 94-DE-80-XX-XX-XX, Port: 4)
496 Aug 7 14:38:36 :IMPB-4:Unathenticated IP-MAC address and discarded by ip mac port binding (IP: 10.0.X.X, MAC: 94-DE-80-XX-XX-XX, Port: 4)
495 Aug 7 14:38:36 :IMPB-4:Unathenticated IP-MAC address and discarded by ip mac port binding (IP: 10.0.X.X, MAC: 94-DE-80-XX-XX-XX, Port: 4)
494 Aug 7 14:38:35 :IMPB-4:Unathenticated IP-MAC address and discarded by ip mac port binding (IP: 10.0.X.X, MAC: 94-DE-80-XX-XX-XX, Port: 4)
493 Aug 7 14:38:35 :IMPB-4:Unathenticated IP-MAC address and discarded by ip mac port binding (IP: 10.0.X.X, MAC: 94-DE-80-XX-XX-XX, Port: 4)
Похоже каждый пакет попадает в лог.
Update:
Код:
config address_binding ip_mac ports 4 arp_inspection strict ip_inspection enable state enable allow_zeroip disable forward_dhcppkt enable
config address_binding dhcp_snoop max_entry ports 4 limit no_limit
config address_binding dhcp_snoop max_entry ports 4 limit no_limit IPv6