HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 215
ARP attack protection commands, Unresolvable IP attack protection commands, arp resolving-route enable
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 215 highlights
ARP attack protection commands Unresolvable IP attack protection commands arp resolving-route enable Use arp resolving-route enable to enable ARP black hole routing. Use undo arp resolving-route enable to disable ARP black hole routing. Syntax arp resolving-route enable undo arp resolving-route enable Default ARP black hole routing is enabled. Views System view Predefined user roles network-admin Usage guidelines Configure this feature on the gateways. If a device receives a large number of unresolvable IP packets from a host, the following situations can occur. • The device sends a large number of ARP requests, overloading the target subnets. • The device keeps trying to resolve destination IP addresses, overloading its CPU. If the IP packets have different source addresses, you can enable the ARP black hole routing function. After receiving an unresolvable IP packet, the device creates a black hole route destined for the target IP address and drops all the matching packets until the black hole route ages out. Examples # Enable ARP black hole routing. system-view [Sysname] arp resolving-route enable arp source-suppression enable Use arp source-suppression enable to enable the ARP source suppression function. Use undo arp source-suppression enable to restore the default. Syntax arp source-suppression enable 206