No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Alarm Handling

CloudEngine 8800, 7800, 6800, and 5800 V200R005C10

This document provides the explanations, causes, and recommended actions of alarms on the product.
Rate and give feedback:
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
ARP_1.3.6.1.4.1.2011.5.25.165.2.2.2.2 hwArpsEntryCheck

ARP_1.3.6.1.4.1.2011.5.25.165.2.2.2.2 hwArpsEntryCheck

Description

ARP entry attack. (SourceInterface=[InterfaceName], SourceIP=[IpAddress], SourceMAC=[MacAddress], VLAN=[PeVlan], INNER-VLAN=[CeVlan])

The device suffered ARP spoofing attacks.

Attributes

Attribute

Description

Alarm or Event

Event

Trap Severity

Warning

Mnemonic Code

hwArpsEntryCheck

Trap OID

1.3.6.1.4.1.2011.5.25.165.2.2.2.2

Alarm ID

This is an event trap and does not involve alarm ID.

Alarm Type

This is an event trap and does not involve alarm type.

Raise or Clear

This is an event trap and does not involve alarm generation or clearance.

Match trap

This is an event trap and does not involve the matching trap.

Parameters

Parameter

Description

SourceInterface

Interface that receives ARP packets

SourceIP

Source IP addresses of the received ARP packets

SourceMAC

Source MAC addresses of the received ARP packets

PeVLAN

Outer VLAN IDs of the received ARP packets

CeVLAN

Inner VLAN IDs of the received ARP packets

VB

VB OID

VB Name

VB Index

1.3.6.1.4.1.2011.5.25.165.2.1.2.1

hwArpsSourceInterface

N/A

1.3.6.1.4.1.2011.5.25.165.2.1.2.2

hwArpsSourceIp

N/A

1.3.6.1.4.1.2011.5.25.165.2.1.2.3

hwArpsSourceMac

N/A

1.3.6.1.4.1.2011.5.25.165.2.1.2.4

hwArpsPVlan

N/A

1.3.6.1.4.1.2011.5.25.165.2.1.2.5

hwArpsCVlan

N/A

Impact on the System

If the trap is generated, the user's ARP entries on the device may be modified to those of the attacker. As a result, the attacker intercepts user traffic and services are interrupted.

Possible Causes

After being configured with fixed ARP, the device received ARP packets sent by attacks to update the existing ARP entries.

Procedure

  • This trap message is informational only, and no action is required.
Translation
Download
Updated: 2019-04-02

Document ID: EDOC1100074754

Views: 25766

Downloads: 31

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next