arp speed-limit source-ip
Function
The arp speed-limit source-ip command sets the maximum rate of ARP packets based on the source IP address.
The undo arp speed-limit source-ip command restores the default setting.
By default, the device allows a maximum of 5 ARP packets from the same source IP address to pass through in 1 second.
Format
arp speed-limit source-ip [ ip-address ] maximum maximum
undo arp speed-limit source-ip [ ip-address ]
Parameters
Parameter | Description | Value |
---|---|---|
ip-address | Specifies the source IP address. If this parameter is specified, the rate of ARP packets from the IP address is limited. If this parameter is not specified, the rate of ARP packets from each IP address is limited. | The value is in dotted decimal notation. |
maximum maximum | Specifies the maximum rate of ARP packets from a specified source IP address. NOTE: If the rate of all ARP packets is limited, a large value is recommended because valid packets may be discarded if the value is small. However, an excessively large value degrades system performance. If an IP address initiates attacks, you can set the maximum number of ARP Miss messages triggered by packets from this IP address to a small value. | The value is an integer that ranges from 0 to 32768, in pps. If the value is 0, the rate of ARP packets is not limited based on the source IP address. |
Usage Guidelines
Usage Scenario
When the device processes a large number of ARP packets with fixed IP addresses, the CPU becomes overloaded and cannot process other services. To prevent this problem, limit the rate of ARP packets based on the source IP address.
After the arp speed-limit source-ip command is run, the device collects statistics on ARP packets based on the source IP address. If the number of ARP packets from a specified source IP address in 1 second exceeds the threshold, the device discards the excess ARP packets.
Precautions
Limiting the rate of all ARP packets is not recommended. You are advised to find out the attack source according to packet statistics, and then limit the rate of ARP packets from the specified source IP address.
Example
# Set the maximum rate of ARP packets from a source IP address to 100 pps.
<AC6605> system-view
[AC6605] arp speed-limit source-ip maximum 100
# Set the maximum rate of ARP packets from a specified IP address 10.0.0.1 to 50 pps.
<AC6605> system-view
[AC6605] arp speed-limit source-ip 10.0.0.1 maximum 50
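
The counting behaviour described under Usage Guidelines can be modelled offline against ARP packet statistics to see which sources a threshold would affect before it is configured. The Python below is an added example, not vendor code: it assumes fixed 1-second counting windows and that a limit set for a specific IP address overrides the general limit, and the packet list (including hosts 10.0.0.7 and 10.0.0.9) is constructed sample data.

```python
from collections import Counter, defaultdict

DEFAULT_LIMIT_PPS = 5  # default stated on this page: 5 ARP packets per source IP per second


def simulate(packets, general_limit=DEFAULT_LIMIT_PPS, per_ip_limits=None):
    """Model per-source-IP ARP rate limiting over (timestamp_s, source_ip) records.

    Assumptions (not from the vendor page): fixed 1-second windows, and a limit
    configured for one IP overrides the general limit. A limit of 0 means unlimited.
    """
    per_ip_limits = per_ip_limits or {}
    per_second = defaultdict(Counter)  # source_ip -> {second: packet count}
    for ts, src in packets:
        per_second[src][int(ts)] += 1

    report = {}
    for src, counts in per_second.items():
        limit = per_ip_limits.get(src, general_limit)
        dropped = sum(max(0, n - limit) for n in counts.values()) if limit else 0
        total = sum(counts.values())
        report[src] = {"peak_pps": max(counts.values()),
                       "passed": total - dropped, "dropped": dropped}
    return report


def noisy_sources(report, threshold):
    """Sources whose peak rate exceeds threshold, highest first (candidates for a per-IP limit)."""
    hits = [(src, r["peak_pps"]) for src, r in report.items() if r["peak_pps"] > threshold]
    return sorted(hits, key=lambda item: item[1], reverse=True)


def sample_packets():
    """Constructed sample data: one flooding host, one quiet host, one bursty host."""
    flood = [(sec + i / 200, "10.0.0.1") for sec in (0, 1) for i in range(200)]
    quiet = [(t, "10.0.0.7") for t in (0.1, 0.4, 0.7, 1.1, 1.4, 1.7)]
    burst = [(i / 10, "10.0.0.9") for i in range(8)]
    return flood + quiet + burst


if __name__ == "__main__":
    pkts = sample_packets()
    print(noisy_sources(simulate(pkts, general_limit=0), threshold=100))
    for label, kwargs in (("default 5 pps", {}),
                          ("100 pps general, 50 pps for 10.0.0.1",
                           {"general_limit": 100, "per_ip_limits": {"10.0.0.1": 50}})):
        print(label, simulate(pkts, **kwargs))
```

With the default of 5 pps the bursty but legitimate host loses packets as well, which is the situation the Precautions section warns about; the second configuration confines the drops to 10.0.0.1.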