456
After a blackhole route is created for an unresolved IP address, the device immediately starts
the first ARP blackhole route probe by sending an ARP request. If the resolution fails, the
device continues probing according to the probe settings. If the IP address resolution succeeds
in a probe, the device converts the blackhole route to a normal route. If an ARP blackhole route
ages out before the device finishes all probes, the device deletes the blackhole route and does
not perform the remaining probes.
This feature is applicable regardless of whether the attack packets have the same source
addresses.
Configuring ARP source suppression
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enable ARP source suppression.
arp source-suppression
enable
By default, ARP source suppression is
disabled.
3. Set the maximum number of
unresolvable packets that the
device can process per source IP
address within 5 seconds.
arp source-suppression
limit
limit-value
By default, the maximum number is
10.
Configuring ARP blackhole routing
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enable ARP blackhole routing.
arp resolving-route enable
By default, ARP blackhole routing
is enabled.
3. (Optional.) Set the number of
ARP blackhole route probes for
each unresolved IP address.
arp resolving-route
probe-count
count
The default setting is three
probes.
Set the ARP blackhole route
probe count to a big value, for
example, 25. If the device fails to
reach the destination IP address
temporarily and the probe count is
too small, all probes might be
finished before the problem is
resolved. As a result, non-attack
packets will be dropped. This
setting can avoid such situation.
4. (Optional.) Set the interval at
which the device probes ARP
blackhole routes.
arp resolving-route
probe-interval
interval
The default setting is 1 second.
Displaying and maintaining unresolvable IP attack protection
Execute display commands in any view.
Task Command
Display ARP source suppression configuration
information.
display arp source-suppression
To Next Page
Loading...
Need help?
General