Home » TP-Link Manuals » Hubs & Switches » TP-Link TL-SG5412F » Manual Viewer

TP-Link TL-SG5412F TL-SG5412F V1 User Guide - Page 167

ARP Detect

Add to My Manuals
Save this manual to your list of manuals

Page 167 highlights

 ARP Flooding Attack The attacker broadcasts a mass of various fake ARP packets in a network segment to occupy the network bandwidth viciously, which results in a dramatic slowdown of network speed. Meantime, the Gateway learns the false IP address-to-MAC address mapping entries from these ARP packets and updates its ARP table. As a result, the ARP table is fully occupied by the false entries and unable to learn the ARP entries of legal Hosts, which causes that the legal Hosts can not access the external network. The IP-MAC Binding function allows the switch to bind the IP address, MAC address, VLAN ID and the connected Port number of the Host together when the Host connects to the switch. Based on the predefined IP-MAC Binding entries, the ARP Inspection functions to detect the ARP packets and filter the illegal ARP packet so as to prevent the network from ARP attacks. The ARP Inspection function is implemented on the ARP Detect, ARP Defend and ARP Statistics pages. 11.2.1 ARP Detect ARP Detect feature enables the switch to detect the ARP packets based on the bound entries in the IP-MAC Binding Table and filter the illegal ARP packets, so as to prevent the network from ARP attacks, such as the Network Gateway Spoofing and Man-In-The-Middle Attack, etc. Choose the menu Network Security→ARP Inspection→ARP Detect to load the following page. Figure 11-13 ARP Detect The following entries are displayed on this screen:  ARP Detect ARP Detect: Enable/Disable the ARP Detect function, and click the Apply button to apply.  Trusted Port Trusted Port: Select the port for which the ARP Detect function is unnecessary as the Trusted Port. The specific ports, such as up-linked port, routing port and LAG port, should be set as Trusted Port. To ensure the normal communication of the switch, please configure the ARP Trusted Port before enabling the ARP Detect function. 158

Section	Page
1.1 Intended Readers	11
1.2 Conventions	11
1.3 Overview of This Guide	11
2.1 Overview of the Switch	16
2.2 Main Features	16
2.3 Appearance Description	17
2.3.1 Front Panel	17
2.3.2 Rear Panel	18
3.1 Login	19
3.2 Configuration	19
4.1 System Info	21
4.1.1 System Summary	21
4.1.2 Device Description	23
4.1.3 System Time	23
4.1.4 System IP	25
4.2 User Manage	26
4.2.1 User Table	26
4.2.2 User Config	27
4.3 System Tools	28
4.3.1 Config Restore	28
4.3.2 Config Backup	29
4.3.3 Firmware Upgrade	29
4.3.4 System Reboot	30
4.3.5 System Reset	30
4.4 Access Security	31
4.4.1 Access Control	31
4.4.2 SSL Config	32
4.4.3 SSH Config	33
5.1 Port	39
5.1.1 Port Config	39
5.1.2 Port Mirror	40
5.1.3 Port Security	42
5.1.4 Port Isolation	44
5.2 LAG	45
5.2.1 LAG Table	45
5.2.2 Static LAG	47
5.2.3 LACP Config	48
5.3 Traffic Monitor	50
5.3.1 Traffic Summary	50
5.3.2 Traffic Statistics	51
5.4 MAC Address	53
5.4.1 Address Table	53
5.4.2 Static Address	55
5.4.3 Dynamic Address	56
5.4.4 Filtering Address	58
6.1 802.1Q VLAN	61
6.1.1 VLAN Config	62
6.1.2 Port Config	65
6.2 Protocol VLAN	67
6.2.1 Protocol VLAN	67
6.2.2 Protocol Template	68
6.2.3 Port Enable	69
6.3 Application Example for 802.1Q VLAN	70
6.4 Application Example for Protocol VLAN	71
6.5 VLAN VPN	73
6.5.1 VPN Config	74
6.5.2 Port Enable	74
6.6 GVRP	75
6.7 Private VLAN	78
6.7.1 PVLAN	82
6.7.2 Port Config	83
6.8 Application Example for Private VLAN	84
7.1 STP Config	92
7.1.1 STP Config	92
7.1.2 STP Summary	93
7.2 Port Config	94
7.3 MSTP Instance	96
7.3.1 Region Config	97
7.3.2 Instance Config	97
7.3.3 Instance Port Config	98
7.4 STP Security	100
7.4.1 Port Protect	100
7.4.2 TC Protect	103
7.5 Application Example for STP Function	103
8.1 IGMP Snooping	109
8.1.1 Snooping Config	110
8.1.2 Port Config	111
8.1.3 VLAN Config	113
8.1.4 Multicast VLAN	114
8.2 Multicast IP	118
8.2.1 Multicast IP Table	118
8.2.2 Static Multicast IP	119
8.3 Multicast Filter	120
8.3.1 IP-Range	120
8.3.2 Port Filter	121
8.4 Packet Statistics	122
9.1 DiffServ	126
9.1.1 Port Priority	126
9.1.2 Schedule Mode	127
9.1.3 802.1P Priority	128
9.1.4 DSCP Priority	129
9.2 Bandwidth Control	131
9.2.1 Rate Limit	131
9.2.2 Storm Control	132
9.3 Voice VLAN	134
9.3.1 Global Config	136
9.3.2 Port Config	136
9.3.3 OUI Config	138
10.1 Time-Range	140
10.1.1 Time-Range Summary	140
10.1.2 Time-Range Create	141
10.1.3 Holiday Config	142
10.2 ACL Config	142
10.2.1 ACL Summary	143
10.2.2 ACL Create	143
10.2.3 MAC ACL	144
10.2.4 Standard-IP ACL	145
10.2.5 Extend-IP ACL	145
10.3 Policy Config	147
10.3.1 Policy Summary	147
10.3.2 Policy Create	147
10.3.3 Action Create	148
10.4 Policy Binding	149
10.4.1 Binding Table	149
10.4.2 Port Binding	150
10.4.3 VLAN Binding	150
11.1 IP-MAC Binding	154
11.1.1 Binding Table	154
11.1.2 Manual Binding	155
11.1.3 ARP Scanning	157
11.1.4 DHCP Snooping	158
11.2 ARP Inspection	164
11.2.1 ARP Detect	167
11.2.2 ARP Defend	168
11.2.3 ARP Statistics	169
11.3 IP Source Guard	170
11.4 DoS Defend	171
11.5 802.1X	172
11.5.1 Global Config	176
11.5.2 Port Config	178
11.5.3 Radius Server	179
12.1 SNMP Config	183
12.1.1 Global Config	183
12.1.2 SNMP View	184
12.1.3 SNMP Group	185
12.1.4 SNMP User	186
12.1.5 SNMP Community	188
12.2 Notification	190
12.3 RMON	192
12.3.1 History Control	192
12.3.2 Event Config	193
12.3.3 Alarm Config	194
13.1 Basic Config	200
13.1.1 Global Config	200
13.1.2 Port Config	202
13.2 Device Info	202
13.2.1 Local Info	203
13.2.2 Neighbor Info	203
13.2.3 Device Statistics	204
14.1 NDP	208
14.1.1 Neighbor Info	208
14.1.2 NDP Summary	209
14.1.3 NDP Config	210
14.2 NTDP	211
14.2.1 Device Table	211
14.2.2 NTDP Summary	213
14.2.3 NTDP Config	215
14.3 Cluster	216
14.3.1 Cluster Summary	216
14.3.2 Cluster Config	219
14.3.3 Member Config	221
14.3.4 Cluster Topology	222
14.4 Application Example for Cluster Function	224
15.1 System Monitor	227
15.1.1 CPU Monitor	227
15.1.2 Memory Monitor	228
15.2 Log	229
15.2.1 Log Table	230
15.2.2 Local Log	231
15.2.3 Remote Log	231
15.2.4 Backup Log	232
15.3 Device Diagnose	233
15.3.1 Cable Test	233
15.3.2 Loopback	234
15.4 Network Diagnose	235
15.4.1 Ping	235

Match case Limit results 1 per page



ARP Flooding Attack

The attacker broadcasts a mass of various fake ARP packets in a network segment to occupy the

network bandwidth viciously, which results in a dramatic slowdown of network speed. Meantime,

the Gateway learns the false IP address-to-MAC address mapping entries from these ARP

packets and updates its ARP table. As a result, the ARP table is fully occupied by the false entries

and unable to learn the ARP entries of legal Hosts, which causes that the legal Hosts can not

access the external network.

The IP-MAC Binding function allows the switch to bind the IP address, MAC address, VLAN ID

and the connected Port number of the Host together when the Host connects to the switch. Based

on the predefined IP-MAC Binding entries, the ARP Inspection functions to detect the ARP packets

and filter the illegal ARP packet so as to prevent the network from ARP attacks.

The

ARP Inspection

function is implemented on the

ARP Detect

ARP Defend

and

ARP

Statistics

pages.

11.2.1 ARP Detect

ARP Detect feature enables the switch to detect the ARP packets based on the bound entries in

the IP-MAC Binding Table and filter the illegal ARP packets, so as to prevent the network from

ARP attacks, such as the Network Gateway Spoofing and Man-In-The-Middle Attack, etc.

Choose the menu

Network Security

→

ARP Inspection

→

ARP Detect

to load the following page.

Figure 11-13 ARP Detect

The following entries are displayed on this screen:



ARP Detect

ARP Detect:

Enable/Disable the ARP Detect function, and click the Apply

button to apply.



Trusted Port

Trusted Port:

Select the port for which the ARP Detect function is unnecessary

as the Trusted Port

The specific ports, such as up-linked port,

routing port and LAG port, should be set as Trusted Port. To

ensure the normal communication of the switch, please configure

the ARP Trusted Port before enabling the ARP Detect function.

158