19
SYSTEM-GUARD CONFIGURATION
The system-guard function checks system-guard-enabled ports regularly to
determine if the ports are under attack. With this function enabled, if the number
of the packets received by a system-guard-enabled port exceeds the set threshold,
the port is regarded to be under attack. The switch then limits the rate of the port
and resumes port checking operation after a specific period elapses.
System-Guard
Configuration
The ssystem guard configuration includes:
■ Enabling the system-guard function
■ Configuring system-guard-related parameters
■ Specifying system-guard-enabled ports
Enabling the
System-Guard function
Table 174 lists the operations to enable the system-guard function.
Configuring
System-Guard-Related
Parameters
Table 175 lists the operations to configure system-guard-related parameters,
including system-guard mode, checking interval, threshold (in terms of the
number of the received packets), and controlling period. Note that the
configuration takes effect only after you enable the system-guard function.
Tab le 174 Enable the system-guard function
Operation Commands Description
Enter system view system-view -
Enable the
system-guard function
system-guard
enable
Required
By default, The system-guard
function is disabled.
Tab le 175 Configure system-guard related parameters
Operation Command Description
Enter system view system-view -
Configure
system-guard-related
parameters
system-guard mode
rate-limit interval-time
threshold timeout
Required
The default system-guard-related
parameters are as follows.
interval-time: 5 seconds
threshold: 64
timeout: 60 seconds
To Next Page
Loading...
