No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Alarm Handling

S600-E V200R010C00

This document provides the explanations, causes, and recommended actions of alarms on the product.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
SECE_1.3.6.1.4.1.2011.5.25.165.2.2.1.4 hwStrackErrorDown

SECE_1.3.6.1.4.1.2011.5.25.165.2.2.1.4 hwStrackErrorDown

Description

SECE/4/STRACK_ERROR_DOWN:OID [oid] Interface's status is changed to error-down because an attack is detected, Interface [OCTET].

The system detected an attack source and set the source interface of the attack packets to error-down state.

Attribute

Alarm ID Alarm Severity Alarm Type
1.3.6.1.4.1.2011.5.25.165.2.2.1.4 Warning securityServiceOrMechanismViolation(10)

Parameters

Name Meaning
OID Indicates the ID of the MIB object.
Interface Indicates the access interface of the attacker.

Impact on the System

The interface in error-down state cannot work.

Possible Causes

The device received a large number of packets from the interface, and the number of received packets exceeded the threshold for identifying an attack. Therefore, the device identified the interface as an attack source.

Procedure

  1. Run the display auto-defend attack-source detail command to check the detected attack source and check whether it is an authorized user.
  2. If the interface is attacked and it connects to only one user, you do not need to take any actions because the attack has been blocked. Go to step 5.
  3. If the interface is connected to multiple users and some users initiate attacks, you can configure attack source tracing and set the action taken on attack packets to deny, or configure a traffic policy to discard attack packets.
  4. If only entries exist on the interface or entries cannot be determined, collect alarm, log, and configuration information, and contact technical support personnel.
  5. End.

Related Information

None

Translation
Download
Updated: 2019-09-24

Document ID: EDOC1000141873

Views: 158222

Downloads: 15

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next