Configuration Guide NFPP Configuration
Configuring the monitored time
If the isolated time is 0 (that is no isolation), the serviceview monitor will be
performed to auto-monitor the attacker according to the configured monitored
period, providing the attacker information in the system. If the isolated time is
but not 0, the DHCP-guard will perform hardware isolation towards the hosts
using the serviceview monitor.
Ruijie# configure terminal
Enter the global configuration mode.
Enter the nfpp configuration mode.
Ruijie(config-nfpp)# dhcp-guard
monitor-period seconds
Configure the monitored time,
ranging 180-86400s(one day). The
default value is 600s.
Return to the privileged EXEC mode.
Ruijie# show nfpp dhcp-guard summary
Show the parameter settings.
Ruijie# copy running-config
startup-config
To restore the monitored time to the default value, use the no dhcp-guard
monitor-period command in the nfpp configuration mode.
If the isolated time is 0, the serviceview monitor will be perform
to monitor the detected attacker, and the timeout time will be the
monitored period. In the process of the serviceview monitor, if
the isolated time is but not 0, the hardware isolation will be
performed to isolate the attacker, and the timeout time will be
the isolated period. Only be the monitored period valid when the
isolated period is 0.
Modifying the isolated time from non-0 to 0 removes the
attackers from the interface rather than performs the
serviceview monitor.
Configuring the monitored host limit
Ruijie# configure terminal
Enter the global configuration mode.
Enter the nfpp configuration mode.
Ruijie(config-nfpp)# dhcp-guard
monitored-host-limit seconds
Configure the monitored host limit,
ranging 1-4294967295. The default
value is1000.
To Next Page
Loading...
