Ruijie RG-S2900G-E Series

To Next Page

To Previous Page

Configuration Guide NFPP Configuration

It prompts the following message when the NS-NA DoS attack was detected on

a port:

%NFPP_ND_GUARD-4-PORT_ATTACKED: NS-NA DoS attack was detected

on port Gi4/1. (2009-07-01 13:00:00)

The following is additional information of the sent TRAP packet :

NS-NA DoS attack was detected on port Gi4/1.

It prompts the following message when the RS DoS attack was detected on a

port:

%NFPP_ND_GUARD-4-PORT_ATTACKED: RS DoS attack was detected on

port Gi4/1. (2009-07-01 13:00:00)

The following is additional information of the sent TRAP packet :

RS DoS attack was detected on port Gi4/1.

It prompts the following message when the RA-REDIRECT DoS attack was

detected on a port:

%NFPP_ND_GUARD-4-PORT_ATTACKED: RA-REDIRECT DoS attack was

detected on port Gi4/1. (2009-07-01 13:00:00)

The following is additional information of the sent TRAP packet :

RA-REDIRECT DoS attack was detected on port Gi4/1.

This section shows the administrator how to configure the port-based rate-limit

and attack detection in the nfpp configuration mode and in the interface

configuration mode:

Command

Function

Ruijie# configure terminal

Enter the global configuration mode.

Ruijie(config)# nfpp

Enter the nfpp configuration mode.

Ruijie(config)# nd-guard rate-limit

per-port [ns-na | rs | ra-redirect] pps

Configure the rate-limit of the ND packets

on the port, ranging from 1 to 9999, 15 by

default.

Ruijie(config)# nd-guard

attack-threshold per-port [ns-na | rs |

ra-redirect] pps

Configure the attack threshold, ranging

from 1 to 9999, 30 by default.

When the ND packet number on a port

exceeds the attack threshold, the CLI

prompts and the TRAP packets are sent.

Ruijie RG-S2900G-E Series - Page 747