No relevant resource is found in the selected language.
Your browser version is too early. Some functions of the website may be unavailable. To obtain better user experience, upgrade the browser to the latest version.
CloudEngine 12800 and 12800E V200R005C10 Configuration Guide - Security
This document describes the configurations of Security, including AAA, 802.1x Authentication, ACL, TCAM ACL Customization, local attack defense, Microsegmentation, MFF, attack defense, traffic suppression and storm control, ARP security, Port security, MACsec, DHCP snooping, IPSG, URPF, SSL, Keychain and FIPS.
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document.
Note: Even the most advanced machine translation cannot match the quality of professional translators.
Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
On a live network, services may be interrupted for a long
time because the MFF-enabled device cannot immediately detect changes
to the gateway MAC address. Timed gateway detection can solve this
problem. With the timed gateway address detection function, a device scans recorded gateway information
every 30 seconds. For each gateway recorded, the MFF-enabled device
uses information about any user to construct an ARP request packet
and sends it to the network interface. The MFF-enabled device then
learns the gateway MAC address from the ARP reply packet. If the gateway
MAC address has changed, the MFF-enabled device immediately updates
the gateway information and broadcasts gratuitous ARP packets to user
devices, so that user devices can update the gateway address.
