ARP Configuration
Flood attacks work by sending a large volume of attack packets at network equipment such as
routers, switches, and servers, which exhausts the equipment's resources, overloads the CPU,
and brings the network down.
12.3.2 Configuring against ARP Flood
An ARP flood attack mainly targets the network device's CPU, depleting core CPU
resources. To defend against this type of attack, the switch must identify the flood in
advance and prohibit forwarding of the flood packets.
The S6424-S2C2's ARP anti-flood function identifies each ARP traffic flow and uses the
configured ARP rate security threshold to determine whether an ARP flood attack is under way.
When a host's ARP traffic exceeds the set threshold, the switch treats it as a flood attack,
immediately puts the virus-infected host on the black hole list, and bans forwarding of all
packets from that host.
To make management and maintenance easier for the network administrator, the
S6424-S2C2 saves the related alarms in the system log while it applies automatic protection.
For disabled users, administrators can set automatic or manual recovery.
On the S6424-S2C2 switch, the entire process is as follows:
• Enable the ARP anti-flood function. Broadcast ARP packets are then sent to the CPU, and
the source MAC address of each ARP packet is used to identify the different streams.
• Set the security ARP rate. If the rate exceeds the threshold, the switch treats the traffic
as an ARP attack.
• If you select deny-all in the above command, then when ARP traffic exceeds the set
threshold, the switch determines the source MAC address and adds that MAC address to the
black hole address list, which bans forwarding of all subsequent packets from this address.
• If you select deny-arp in the above command, then when ARP traffic exceeds the set
threshold, the switch determines the source MAC address and refuses to handle all
subsequent ARP packets from that address.
• To restore forwarding for a disabled user, administrators can configure recovery in two
ways: automatically after a set time, or manually.
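The process in the list above, modelled as an added Python example (this is not the switch's firmware and not code from this manual). It assumes the rate is counted in ARP packets per second per source MAC over a one-second window; the class, method names, and sample events are hypothetical and constructed.

```python
# Added illustration: models the anti-flood decision logic described above.
# All names, the 1-second counting window and the sample values are assumptions,
# not the switch's firmware or CLI.
from collections import defaultdict, deque

class ArpAntiFlood:
    def __init__(self, threshold, action="deny-all", recover_after=None):
        assert action in ("deny-all", "deny-arp")
        self.threshold = threshold          # max ARP packets per second per source MAC
        self.action = action
        self.recover_after = recover_after  # seconds; None = manual recovery only
        self.seen = defaultdict(deque)      # source MAC -> recent ARP timestamps
        self.banned = {}                    # source MAC -> time the ban started
        self.log = []                       # stands in for the system log alarms

    def recover(self, mac):
        """Manual recovery by the administrator."""
        self.banned.pop(mac, None)
        self.seen.pop(mac, None)

    def handle(self, now, mac, is_arp):
        """Return True if the packet is forwarded/processed, False if dropped."""
        start = self.banned.get(mac)
        if start is not None and self.recover_after is not None \
                and now - start >= self.recover_after:
            self.recover(mac)               # automatic recovery
            start = None
        if start is not None:
            # deny-all drops everything from the MAC; deny-arp drops only ARP
            return not (is_arp or self.action == "deny-all")
        if not is_arp:
            return True
        window = self.seen[mac]
        window.append(now)
        while now - window[0] >= 1.0:       # keep only the last second
            window.popleft()
        if len(window) > self.threshold:
            self.banned[mac] = now
            self.log.append((now, mac, self.action))
            return False
        return True

def replay(guard, events):
    """Run constructed (time, mac, is_arp) events; return forward decisions."""
    return [guard.handle(t, mac, is_arp) for t, mac, is_arp in events]
```

Replaying the same events through a deny-all guard and a deny-arp guard shows the difference: after the threshold is crossed, non-ARP packets from the offending MAC are dropped only under deny-all.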
12.3.3 Configuring against ARP Flood
Table 12-5 Configure against ARP flood
Enter global configuration mode
arp anti-flood threshold threshold