For anybody who stumbles on this post 6 years later, enabling protection against ARP poisoning doesn't mean blocking dynamic ARP. It means that a server cannot advertise ARP for IP addresses that don't belong to them.
It is a very dangerous idea to disable arp poisoining protections on all port (or to not have it enable). Doing so, might enable a local attacker from hijacking DHCP, DNS servers or Man-in-the-middle other non-authenticated and encrypted services (HTTP for example).
To enable ARP poisonning protection, on Dell, you need to activate DHCP snooping protection, which will activate Dynamic ARP Inspection.
Enabling DHCP Snooping from Dell website
To enable DHCP snooping, use the following commands.
Enable DHCP snooping globally.
CONFIGURATION mode ip dhcp snooping
Specify ports connected to DHCP servers as trusted.
INTERFACE mode INTERFACE PORT EXTENDER mode ip dhcp snooping trust
Enable DHCP snooping on a VLAN.
CONFIGURATION mode ip dhcp snooping vlan name
The following commands will show if it is active :
Dell#show arp inspection database
Protocol Address Age(min) Hardware Address Interface VLAN CPU
---------------------------------------------------------------------
Internet 10.1.1.251 - 00:00:4d:57:f2:50 Te 1/2 Vl 10 CP
Internet 10.1.1.252 - 00:00:4d:57:e6:f6 Te 1/1 Vl 10 CP
Internet 10.1.1.253 - 00:00:4d:57:f8:e8 Te 1/3 Vl 10 CP
Internet 10.1.1.254 - 00:00:4d:69:e8:f2 Te 1/5 Vl 10 CP
Dell#
To see inspection statistics :
Dell#show arp inspection statistics
Dynamic ARP Inspection (DAI) Statistics
---------------------------------------
Valid ARP Requests : 0
Valid ARP Replies : 1000
Invalid ARP Requests : 1000
Invalid ARP Replies : 0
Dell#
SOURCE
If you need specific devices to send ARP advertisement for ip address that don't belong to them, it is call a gratuitous ARP. Typically for Cisco Switches, you can enable gratuitous arp on specific port basis for server high availability configurations. See Cisco's Website
On Dell, the following command trust ARP for a port. This should not be performed unless necessary.
INTERFACE mode arp inspection-trust