HP 6125XLG R2306-HP 6125XLG Blade Switch Security Command Reference - Page 218
Source MAC-based ARP attack detection commands, arp source-mac
View all HP 6125XLG manuals
Add to My Manuals
Save this manual to your list of manuals |
Page 218 highlights
Views Ethernet interface view, aggregate interface view Predefined user roles network-admin Parameters pps: Specifies the upper limit for ARP packet rate in pps, in the range of 5 to 200. Examples # Specify the maximum ARP packet rate on Ten-GigabitEthernet 1/1/5 as 50 pps. system-view [Sysname] interface ten-gigabitethernet 1/1/5 [Sysname-Ten-GigabitEthernet1/1/5] arp rate-limit 50 Source MAC-based ARP attack detection commands arp source-mac Use arp source-mac to enable the source MAC-based ARP attack detection and specify a handling method. Use undo arp source-mac to restore the default. Syntax arp source-mac { filter | monitor } undo arp source-mac [ filter | monitor ] Default The source MAC-based ARP attack detection function is disabled. Views System view Predefined user roles network-admin Parameters filter: Generates log messages and discards subsequent ARP packets from the MAC address. monitor: Only generates log message. Usage guidelines Configure this feature on the gateway devices. This function enables the router to check the source MAC address of ARP packets received from the same MAC address within 5 seconds against a specific threshold. If the threshold is exceeded, the router takes the preconfigured method to handle the attack. 209