Configuration Guide NFPP Configuration
The following example shows the describing information included in the sent
TRAP messages:
Failed to isolate host<IP=N/A,MAC=0000.0000.0004,port=Gi4/1,VLAN=1>.
It prompts the following message when the ARP scan was detected:
%NFPP_ARP_GUARD-4-SCAN: Host<IP=1.1.1.1,MAC=0000.0000.0004,port=Gi4/1,V
LAN=1> was detected. (2009-07-01 13:00:00)
The following example shows the describing information included in the sent
TRAP messages:
ARP scan from host< IP=1.1.1.1,MAC=0000.0000.0004,port=Gi4/1,VLAN=1> was
detected.
It saves the latest 256 pieces of records in the ARP scan table. When the ARP
scan table is full, it prompts:
%NFPP_ARP_GUARD-4-SCAN_TABLE_FULL: ARP scan table is full.
It prompts the following message to remind the administrator that the configured
rate-limit threshold is higher than the attack threshold:
%ERROR:rate limit is higher than attack threshold 500pps.”
It prompts the following message to remind the administrator that the configured
attack threshold is smaller than the rate-limit threshold:
%ERROR:attack threshold is smaller than rate limit 300pps.”
It sets a policy to the hardware when isolating the
attackers. When the hardware resources have been
exhausted, it prompts the message to inform the
administrator.
When it fails to allocate the memory to the detected
attackers, it prompts the message like
“%NFPP_ARP_GUARD-4-NO_MEMORY: Failed to alloc memory.”
to inform the administrator.
It contains only the latest 256 pieces of the records in the
ARP scan table. When the ARP scan table is full, the
newest record will overwrite the oldest one.
To Next Page
Loading...
