Displaying And Maintaining Source Mac Address Based Arp Attack Detection; Configuration Example - HP 5920 Series Configuration Manual
Hide thumbs
Also See for 5920 Series:
- Command reference manual (607 pages) ,
- Configuration manual (424 pages) ,
- Fc and fcoe configuration manual (257 pages)
Table of Contents
Advertisement
Step
2.
Enable source MAC address
based ARP attack detection
and specify the handling
method.
3.
Configure the threshold.
4.
Configure the aging timer for
ARP attack entries.
5.
(Optional.) Exclude specified
MAC addresses from this
detection.
NOTE:
When an ARP attack entry expires, ARP packets sourced from the MAC address in the entry can be
processed normally.
Displaying and maintaining source MAC address based ARP
attack detection
Execute display commands in any view.
Task
Display ARP attack entries detected by source
MAC address based ARP attack detection.
Configuration example
Network requirements
As shown in
a large number of ARP requests to the gateway, the gateway may crash and cannot process requests
from the clients. To solve this problem, configure source MAC address based ARP attack detection on the
gateway.
Figure
69, the hosts access the Internet through a gateway (Device). If malicious users send
Command
arp source-mac { filter | monitor }
arp source-mac threshold
threshold-value
arp source-mac aging-time time
arp source-mac exclude-mac
mac-address&<1-10>
Command
display arp source-mac { slot slot-number | interface
interface-type interface-number }
204
Remarks
By default, this feature is disabled.
By default, the threshold is 30.
By default, the lifetime is 300
seconds.
By default, no MAC address is
excluded.
Advertisement
Table of Contents
Troubleshooting
