Ruijie RG-S2900G-E Series

To Next Page

To Previous Page

Configuration Guide NFPP Configuration

“ICMP flood” attack: one one hand, you may configure the ICMP packet

rate-limit; on the other hand, you may detect and isolate the attack source.

ARP attack detection adopts the combination of source IP

address/VID/port-based. For each attack detection, you can configure the

rate-limit threshold and warning threshold. The ICMP packet will be dropped

when the packet rate exceeds the rate-limit threshold. When the ICMP packet

rate exceeds the warning threshold, it will prompt the warning messages and

send the TRAP message. The host-based attack detection can isolate the

attack source.

ICMP-guard configuration commands include:

 Enabling icmp-guard

 Configuring the isolated time

 Configuring the monitored time

 Configuring the monitored host limit

 Host-based rate-limit and attack detection

 Port-based rate-limit and attack detection

 Configuring trusted host

 Clearing monitored host

 Showing related icmp-guard information

Enabling ICMP-guard

You can enable icmp-guard in the nfpp configuration mode or in the interface

configuration mode. By default, the icmp-guard is enabled.

Command

Function

Ruijie# configure terminal

Enter the global configuration mode.

Ruijie(config)# nfpp

Enter the nfpp configuration mode.

Ruijie(config-nfpp)# icmp-guard enable

Enable the icmp-guard. By default,

icmp-guard is enabled.

Ruijie(config-nfpp)# end

Return to the privileged EXEC mode.

Ruijie# configure terminal

Enter the global configuration mode.

Ruijie# interface interface-name

Enter the interface configuration

mode.

Ruijie RG-S2900G-E Series - Page 712