No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Alarm Handling

S600-E V200R010C00

This document provides the explanations, causes, and recommended actions of alarms on the product.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
SECE_1.3.6.1.4.1.2011.5.25.165.2.2.2.4 hwARPSDaiDropALarm

SECE_1.3.6.1.4.1.2011.5.25.165.2.2.2.4 hwARPSDaiDropALarm

Description

SECE/4/DAI_DROP_ALARM:OID [oid] The packet number dropped by DAI reaches [INTEGER], exceed the alarm threshold [INTEGER], Interface [OCTET].

The number of packets discarded by Dynamic ARP Inspection (DAI) exceeded the alarm threshold.

Attribute

Alarm ID Alarm Severity Alarm Type
1.3.6.1.4.1.2011.5.25.165.2.2.2.4 Warning equipmentAlarm(5)

Parameters

Name Meaning

oid

Indicates the ID of the MIB object.

INTEGER1

Indicates the number of discarded packets.

INTEGER2

Indicates the alarm threshold.

Interface

Indicates the VLAN, source MAC address, and source IP address of packets

Impact on the System

If this alarm is generated, the device may be attacked. If the attack traffic volume is heavy, the device is busy processing attack packets. As a result, services of authorized users are interrupted.

Possible Causes

The number of packets discarded by DAI exceeded the alarm threshold.

Procedure

  • If user services are not affected, the alarm does not need to be handled.
  • If user services are interrupted, perform the following operations:

    1. Run the display dhcp static user-bind { { interface interface-type interface-number | ip-address ip-address | mac-address mac-address | vlan vlan-id } * | all } [ verbose ] or display dhcpv6 static user-bind { { interface interface-type interface-number | ipv6-address { ipv6-address | all } | mac-address mac-address | vlan vlan-id } * | all } [ verbose ] command to check the static binding entries.

    2. Find out the interface and user host that initiate the attack. Check whether the host is attacked. If not, the host belongs to the attacker. Take measures to defend against the attack. For example, disconnect the attacker's host.
    3. Collect alarm, log, and configuration information, and contact technical support personnel.

Related Information

None

Translation
Download
Updated: 2019-08-21

Document ID: EDOC1000141873

Views: 148672

Downloads: 14

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next