Table of Contents
Advertisement
Command Manual - Security
Quidway S3500 Series Ethernet Switches
View
System view
Parameter
None
Description
Using the system-guard no-learn-dip enable command, you can enable the switch
not to learn the destination IP address in the packets. Using the undo system-guard
no-learn-dip enable command, you can remove this configuration.
By default, the S3526, S3526 FM and S3526 FS need to learn the destination IP
address in the packets if the address is not reside in the non-directly connected network
segment. In this way, they can forward multiple times while learning once. When the
switch is enabled not to learn the destination address in the packets, it learns from the
source IP address in the response, thus preventing the hosts from the virus attacks of
destination address scanning.
This command is only effective to the S3526, S3526 FM and S3526 FS.
Example
# Enable the switch not to learn the destination IP address in the packets.
[Quidway] system-guard no-learn-dip enable
Chapter 6 System-guard Configuration Commands
Huawei Technologies Proprietary
6-6
- Quick Links:
- Logging in Switch Commands
Hide quick links:
Advertisement
Chapters
Table of Contents
