User Guide
214
Note: Delete configurations of TCP virus with destination port of 10
5.3.28 ARP Attack Defense Configuration
Enable ARP Attack Defense
TENDA(config)# interface gigabitethernet 0/10
TENDA(config-if)# ip arp inspection trust
TENDA(config-if)# ip arp inspection limit rate 200
Note: Enable ARP attack defense on port 10 and ARP RX rate to 200PPS
TENDA(config)# interface rang gigabitethernet 0/11-20
TENDA(config-if)# ip arp inspection trust
TENDA(config-if)# ip arp inspection limit rate 150
Note: Enable ARP attack defense on ports 11-20 and ARP RX rate to 150PPS
Disable ARP Attack Defense
TENDA(config)# interface gigabitethernet 0/10
TENDA(config-if)# no ip arp inspection trust
Note: Disable ARP Attack Defense on port 10
TENDA(config)# interface rang gigabitethernet 0/11-20
TENDA(config-if)# no ip arp inspection trust
Note: Disable ARP Attack Defense on ports11-20
5.3.29 Config MAC Attack Defense
TENDA(config)# interface gigabitethernet 0/1
TENDA(config-if)# mac-address learning-limit 8191
Note: Set no limit of MAC address learning on port 1
TENDA(config-if)# mac-address learning-limit 0
Note: Disable MAC address learning on port 1
TENDA(config-if)# mac-address learning-limit 200
Note: Set MAC Address learning Limit on port 1 to 200
TENDA(config)# interface rang gigabitethernet 0/1-24
TENDA(config-if)# mac-address learning-limit 2000
Note: Set MAC Address learning Limit on ports 1-24 to 2000
TENDA(config-if)# mac-address unknown-discard
Note: Enable to drop excessive MAC address learning packets (beyond address limit)
TENDA(config-if)#no mac-address unknown-discard
Note: Disable to drop excessive MAC address learning packets (beyond address limit)
To Next Page
Loading...
Need help?
General
