No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

CX11x, CX31x, CX710 (Earlier Than V6.03), and CX91x Series Switch Modules V100R001C10 Configuration Guide 13

The documents describe the configuration of various services supported by the CX11x&CX31x&CX91x series switch modules The description covers configuration examples and function configurations.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ARP Security Maintenance

ARP Security Maintenance

The section describes the ARP security maintenance, including monitoring ARP running status, clearing statistics on ARP packets, clearing statistics on discarded ARP packets, and configuring the alarm and log functions for potential ARP attacks.

Monitoring ARP Running Status

Procedure

  • Run:

    display arp packet statistics [ interface [ interface-type interface-number ] ]

    Statistics on ARP packets is displayed.

  • Run:

    display arp anti-attack record

    Detailed information about excess ARP packets discarded when the number of ARP packets exceeds the limit is displayed.

  • Run:

    display arp miss anti-attack record

    Detailed information about excess ARP Miss messages discarded when the number of ARP Miss messages exceeds the limit is displayed.

Clearing ARP Security Statistics

Context

ARP security statistics cannot be restored after being cleared. Confirm the action before you use the command.

To clear ARP security statistics, run the following commands in the user view:

Procedure

  • Run:

    reset arp packet statistics [ interface [ interface-type interface-number ] ]

    Statistics on ARP packets is cleared.

  • Run:

    reset arp anti-attack record

    Detailed information about excess ARP packets discarded when the number of ARP packets exceeds the limit is cleared.

  • Run:

    reset arp miss anti-attack record

    Detailed information about excess ARP Miss messages discarded when the number of ARP Miss messages exceeds the limit is cleared.

Configuring the Alarm Function for Potential ARP Attacks

Context

After rate limit on ARP packets or ARP Miss messages is enabled, if the number of ARP packets or ARP Miss messages the device receives in a specified period exceeds the limit, the device discards the excess ARP packets or ARP Miss messages. The device considers the excess ARP packets or ARP Miss messages as potential attacks. The device records ARP logs and send ARP alarms indicating potential attacks to the NMS.

To avoid excessive alarms and logs when ARP attacks occur, reduce the alarm and log quantities by setting a proper interval for sending alarms and recording logs.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    arp anti-attack log-trap-timer time

    The interval for recording ARP logs and sending ARP alarms is set.

    The default interval for recording ARP logs and sending alarms is 0, indicating that the device does not record ARP logs or send ARP alarms.

  3. Run:

    commit

    The configuration is committed.

Translation
Download
Updated: 2019-12-13

Document ID: EDOC1000041694

Views: 59931

Downloads: 3623

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Share
Previous Next