Setting The Max Detection Count Of The Affected Hosts; Setting Parameters Of Address Learning - Huawei Quidway S3500 Series Operation Manual

Operation Manual - Security
Quidway S3500 Series Ethernet Switches
Table 6-1 Enabling system-guard function
Enable system-guard function
Disable system-guard function
By default, system-guard function is disabled.
Caution:
For S3526E, S3526E FM S3526E FS and S3526C: Before enabling system-guard
function, be sure the port priority is default value 0 and the Ethernet switch doesn't
trust the cos priority of packets.
For S3526, S3526 FM and S3526 FS: The system-guard function is enabled only
after two or more VLAN interfaces are created and configured with the IP
addresses.
For S3526E, S3526E FM, S3526E FS and S3526C: After system-guard is enabled,
don't change the port priority and the mode of queue-scheduling.

6.2.2 Setting the max detection count of the affected hosts

The following commands can be used to set the max detection count of the affected
hosts. This configuration takes effect only after the system-guard function is enabled.
Perform the following configurations in system view.
Table 6-2 Setting the max detection count
Set the max detection count of the affected hosts
Restore the max detection count of the affected
hosts to default value
By default, the max detection count of the affected hosts is 30.

6.2.3 Setting parameters of address learning

The following commands can be used to set the max number of the learned IP
addresses ( IP-record-threshold ), threshold of consecutive detection times which the
learned address number exceed the threshold of IP address learned for one time
Operation
Operation
Huawei Technologies Proprietary
Chapter 6 System-guard Configuration
Command
system-guard enable
undo system-guard enable
system-guard
detect-maxnum number
undo
detect-maxnum
6-2
Command
system-guard