No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


Alarm Handling

S9300, S9300E, and S9300X V200R010C00

This document provides the explanations, causes, and recommended actions of alarms on the product.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
SECE_1. hwARPSDaiDropALarm

SECE_1. hwARPSDaiDropALarm


SECE/4/DAI_DROP_ALARM:OID [oid] The packet number dropped by DAI reaches [INTEGER], exceed the alarm threshold [INTEGER], Interface [OCTET].

The number of packets discarded by Dynamic ARP Inspection (DAI) exceeded the alarm threshold.


Alarm ID Alarm Severity Alarm Type Warning equipmentAlarm(5)


Name Meaning


Indicates the ID of the MIB object.


Indicates the number of discarded packets.


Indicates the alarm threshold.


Indicates the VLAN, source MAC address, and source IP address of packets

Impact on the System

If this alarm is generated, the device may be attacked. If the attack traffic volume is heavy, the device is busy processing attack packets. As a result, services of authorized users are interrupted.

Possible Causes

The number of packets discarded by DAI exceeded the alarm threshold.


  • If user services are not affected, the alarm does not need to be handled.
  • If user services are interrupted, perform the following operations:

    1. Run the display dhcp static user-bind { { interface interface-type interface-number | ip-address ip-address | mac-address mac-address | vlan vlan-id } * | all } [ verbose ] or display dhcpv6 static user-bind { { interface interface-type interface-number | ipv6-address { ipv6-address | all } | mac-address mac-address | vlan vlan-id } * | all } [ verbose ] command to check the static binding entries.

    2. Find out the interface and user host that initiate the attack. Check whether the host is attacked. If not, the host belongs to the attacker. Take measures to defend against the attack. For example, disconnect the attacker's host.
    3. Collect alarm, log, and configuration information, and contact technical support personnel.

Related Information


Updated: 2019-08-21

Document ID: EDOC1000142054

Views: 189764

Downloads: 44

Average rating:
This Document Applies to these Products
Related Version
Related Documents
Previous Next