Configuration Guide NFPP Configuration
address/VID/port-based. For each attack detection, you can configure the
rate-limit threshold and warning threshold. The DHCPv6 packet will be dropped
when the packet rate exceeds the rate-limit threshold. When the DHCPv6
packet rate exceeds the warning threshold, it will prompt the warning messages
and send the TRAP message. The host-based attack detection can isolate the
attack source.
DHCPv6-guard configuration commands include:
Enabling dhcpv6-guard
Configuring the isolated time
Configuring the monitored time
Configuring the monitored host limit
Host-based rate-limit and attack detection
Port-based rate-limit and attack detection
Clearing monitored host
Showing related dhcpv6-guard information
Enabling DHCPv6-guard
You can enable dhcpv6-guard in the nfpp configuration mode or in the interface
configuration mode. By default, the dhcpv6-guard is enabled.
Enable the dhcpv6-guard on the
interface. By default, dhcpv6-guard is
not enabled on the interface.
To Next Page
Loading...
Need help?
General