479
4. Return to system view.
quit
N/A
5.
Enter Layer 2 Ethernet or
aggregate interface view.
interface
interface-type
interface-number
N/A
6. (Optional.)
Configure the
interface as ND trusted
interface.
ipv6 nd detection trust
By default, all interfaces are ND
untrusted interfaces.
Displaying and maintaining ND attack detection
Execute display commands in any view and reset commands in user view.
Display statistics for ND messages
dropped by ND attack detection.
display ipv6 nd detection statistics
[
interface
interface-type
interface-number ]
Clear ND attack detection statistics.
reset ipv6 nd detection statistics
[
interface
interface-type
interface-number ]
ND attack detection configuration example
Network requirements
As shown in Figure 145, configure ND attack detection on Device B to check user validity for ND
messages from Host A and Host B.
Figure 145 Network diagram
Device A
Device B
Host A Host B
GE1/
0/3
Vlan
-int10
10
::1/
64
Gateway
GE1/
01
GE
1/
0/
3
GE1/
0/2
VLAN
10
ND snooping
10::6
/64
0001-0203-
0607
10::5/
64
0001-0203-0405
Internet
To Next Page
Loading...
Need help?
General