Displaying and maintaining source MAC-based ARP attack
detection
Execute display commands in any view.
Task
Display ARP attack entries detected by source
MAC-based ARP attack detection.
Configuration example
Network requirements
As shown in
a large number of ARP requests to the gateway, the gateway might crash and cannot process requests
from the clients. To solve this problem, configure source MAC-based ARP attack detection on the
gateway.
Figure 111 Network diagram
ARP attack protection
Host A
Configuration considerations
An attacker might forge a large number of ARP packets by using the MAC address of a valid host as the
source MAC address. To prevent such attacks, configure the gateway in the following steps:
1.
Enable source MAC-based ARP attack detection and specify the handling method as filter.
Set the threshold.
2.
3.
Set the lifetime for ARP attack entries.
Figure 1 1
1, the hosts access the Internet through a gateway (Device). If malicious users send
IP network
Host B
Command
display arp source-mac { slot slot-number | interface
interface-type interface-number }
Gateway
Device
Host C
331
Server
0012-3f 86-e 94c
Host D