Description
Use the arp rate-limit information command to set the interval for sending trap and log messages when
the ARP packet rate exceeds the threshold rate.
Use the undo arp rate-limit information command to restore the default.
By default, the interval is 60 seconds.
NOTE:
This command must work in cooperation with the arp rate-limit command.
Examples
# Configure the switch to send trap and log messages every 120 seconds when the ARP packet rate exceeds
the threshold rate.
<Sysname> system-view
[Sysname] arp rate-limit information interval 120
Source MAC address based ARP attack detection configuration commands
arp anti-attack source-mac
Syntax
arp anti-attack source-mac { filter | monitor }
undo arp anti-attack source-mac [ filter | monitor ]
View
System view
Default level
2: System level
Parameters
filter: Specifies the filter mode.
monitor: Specifies the monitor mode.
Description
Use the arp anti-attack source-mac command to enable source MAC address based ARP attack detection
and specify the detection mode.
Use the undo arp anti-attack source-mac command to restore the default.
By default, source MAC address based ARP attack detection is disabled.
After you enable this feature, the switch checks the source MAC address of ARP packets received from the
VLAN. If the number of ARP packets received from a source MAC address within five seconds exceeds
the specified threshold:
• In filter detection mode, the switch displays a log message and filters out the ARP packets from the
MAC address.