No relevant resource is found in the selected language.
Enterprise
Worldwide
Huawei Global - English
Support Documentation
WLAN AC V200R010C00 Command Reference
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
anti-attack flood sta-rate-threshold

anti-attack flood sta-rate-threshold

Function

The anti-attack flood sta-rate-threshold command sets the flood threshold.

The undo anti-attack flood sta-rate-threshold command restores the default flood threshold.

The default flood threshold is 4 pps for ARP, DHCP, DHCPv6, IGMP, and mDNS packets, 8 pps for ND packets, 10 pps for broadcast packets other than ARP, DHCP, DHCPv6, and ND packets, and 10 pps for multicast packets other than IGMP and mDNS packets.

Format

anti-attack flood { arp | dhcp | dhcpv6 | igmp | mdns | nd | other-broadcast | other-multicast } sta-rate-threshold sta-rate-threshold

undo anti-attack flood { arp | dhcp | dhcpv6 | igmp | mdns | nd | other-broadcast | other-multicast } sta-rate-threshold

Parameters

Parameter

Description

Value
arp

Specifies ARP packets.

-
dhcp

Specifies DHCP packets.

-
dhcpv6

Specifies DHCPv6 packets.

-
igmp

Specifies IGMP packets.

-
mdns

Specifies mDNS packets.

-
nd

Specifies ND packets.

-
other-broadcast

Specifies broadcast packets other than ARP, DHCP, DHCPv6, and ND packets.

-
other-multicast

Specifies multicast packets other than IGMP and mDNS packets.

-
sta-rate-threshold

Specifies the rate threshold of broadcast traffic from STAs.

The value is an integer that ranges from 1 to 5000, in pps.

Views

VAP profile view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

After the flood detection function is enabled, you can set the broadcast traffic threshold.

When the traffic rate exceeds the threshold, the device considers a flood attack from the STA and discards the traffic. This prevents the upper-layer network from being affected by the flood.

If the flood blacklist function is enabled using the anti-attack flood blacklist enable command, the device adds flood STAs to the blacklist.

Prerequisites

The flood detection function has been enabled using the undo anti-attack flood disable command.

Example

# Set the DHCP flood threshold to 100 pps.

<AC6605> system-view
[AC6605] wlan
[AC6605-wlan-view] vap-profile name profile1
[AC6605-vap-prof-profile1] anti-attack flood dhcp sta-rate-threshold 100
Related Topics
Translation
简体中文
Download
Updated: 2021-02-27

Document ID: EDOC1100064351

Views: 3211568

Downloads: 603

Average rating:
This Document Applies to these Products

Related Version

Related Documents

Share
Previous Next
Huawei e+ App Huawei e+

Copyright © 2022 Huawei Technologies Co., Ltd. All rights reserved.

You are going to visit :