Step
2.
Enable source MAC address
based ARP attack detection
and specify the handling
method.
3.
Configure the threshold.
4.
Configure the aging timer for
ARP attack entries.
5.
(Optional.) Exclude specified
MAC addresses from this
detection.
NOTE:
When an ARP attack entry expires, ARP packets sourced from the MAC address in the entry can be
processed normally.
Displaying and maintaining source MAC address based ARP
attack detection
Execute display commands in any view.
Task
Display ARP attack entries detected by source
MAC address based ARP attack detection.
Configuration example
Network requirements
As shown in
a large number of ARP requests to the gateway, the gateway may crash and cannot process requests
from the clients. To solve this problem, configure source MAC address based ARP attack detection on the
gateway.
Figure
69, the hosts access the Internet through a gateway (Device). If malicious users send
Command
arp source-mac { filter | monitor }
arp source-mac threshold
threshold-value
arp source-mac aging-time time
arp source-mac exclude-mac
mac-address&<1-10>
Command
display arp source-mac { slot slot-number | interface
interface-type interface-number }
204
Remarks
By default, this feature is disabled.
By default, the threshold is 30.
By default, the lifetime is 300
seconds.
By default, no MAC address is
excluded.