Configuration Guide NFPP Configuration
If the isolated time is 0, the serviceview monitor will be perform
to monitor the detected attacker, and the timeout time will be the
monitored period. In the process of the serviceview monitor, if
the isolated time is but not 0, the hardware isolation will be
performed to isolate the attacker, and the timeout time will be
the isolated period. Only be the monitored period valid when the
isolated period is 0.
Modifying the isolated time from non-0 to 0 removes the
attackers from the interface rather than performs the
serviceview monitor.
Configuring the monitored host limit
Ruijie# configure terminal
Enter the global configuration mode.
Enter the nfpp configuration mode.
Ruijie(config-nfpp)# dhcpv6-guard
monitored-host-limit seconds
Configure the monitored host limit,
ranging 1-4294967295. The default
value is1000.
Return to the privileged EXEC mode.
Ruijie# show nfpp dhcpv6-guard
summary
Show the parameter settings.
Ruijie# copy running-config
startup-config
To restore the monitored host limit to the default value, use the no
dhcpv6-guard monitored-host-limit command in the nfpp configuration
mode.
If the monitored host number has reached the default 1000, and the
administrator sets the monitored host limit smaller than 1000, the existent
moniored hosts will not be deleted and it will prompt the message “%ERROR: The
value that you configured is smaller than current monitored hosts 1000,please
clear a part of monitored hosts.” to notify the administrator of the invalid
configuration and removing a part of the monitored hosts.
It prompts the message that “%
NFPP_DHCPV6_GUARD-4-SESSION_LIMIT: Attempt to exceed limit of
1000 monitored hosts.” if the monitored host table is full.
To Next Page
Loading...
Need help?
General