HP 6125G HP 6125G & 6125G/XG Blade Switches Security Command Reference - Page 263
Source MAC address based ARP attack detection configuration commands, arp anti-attack source-mac
View all HP 6125G manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 263 highlights
Parameters disable: Disables ARP packet rate limit. rate pps: Specifies the ARP packet rate in pps, in the range of 50 to 500. drop: Discards the exceeded packets. Description Use arp rate-limit to configure or disable ARP packet rate limit on an interface. Use undo arp rate-limit to restore the default. By default, ARP packet rate limit is enabled, and the ARP packet rate limit is 100 pps. Examples # Specify the ARP packet rate on layer 2 Ethernet port GigabitEthernet 1/0/1 as 50 pps, and exceeded packets will be discarded. system-view [Sysname] interface gigabitethernet 1/0/1 [Sysname-GigabitEthernet1/0/1] arp rate-limit rate 50 drop Source MAC address based ARP attack detection configuration commands arp anti-attack source-mac Syntax arp anti-attack source-mac { filter | monitor } View undo arp anti-attack source-mac [ filter | monitor ] System view Default level 2: System level Parameters filter: Specifies the filter mode. monitor: Specifies the monitor mode. Description Use arp anti-attack source-mac to enable source MAC address based ARP attack detection and specify the detection mode. Use undo arp anti-attack source-mac to restore the default. By default, source MAC address based ARP attack detection is disabled. After you enable this feature, the device checks the source MAC address of ARP packets received from the VLAN. It detects an attack when one MAC address sends more ARP packets in five seconds than the specified threshold. Upon detecting an attack, the device does the following: 254