Displaying And Maintaining Source Mac Address Based Arp Attack Detection; Configuring Arp Packet Source Mac Address Consistency Check; Introduction; Configuration Procedure - HP 5120 EI Switch Series Configuration Manual

To do...
Enter system view
Enable source MAC address
based ARP attack detection and
specify the detection mode
Configure the threshold
Configure the age timer for ARP
attack detection entries
Configure protected MAC
addresses
NOTE:
After an ARP attack detection entry expires, ARP packets sourced from the MAC address in the entry
can be processed normally.
Displaying and maintaining source MAC address based ARP
attack detection
To do...
Display attacking MAC addresses detected
by source MAC address based ARP attack
detection
Configuring ARP packet source MAC address
consistency check

Introduction

This feature enables a gateway device to filter out ARP packets with a source MAC address in the
Ethernet header different from the sender MAC address in the message body, so that the gateway device
can learn correct ARP entries.

Configuration procedure

Follow these steps to enable ARP packet source MAC address consistency check:
To do...
Enter system view
Use the command...
system-view
arp anti-attack source-mac { filter
| monitor }
arp anti-attack source-mac
threshold threshold-value
arp anti-attack source-mac aging-
time time
arp anti-attack source-mac
exclude-mac mac-address&<1-
10>
Use the command...
display arp anti-attack source-mac {
slot slot-number | interface interface-
type interface-number } [ | { begin |
exclude | include } regular-
expression ]
Use the command...
system-view
269
Remarks
—
Required
Disabled by default.
Optional
50 by default.
Optional
300 seconds by default.
Optional
No protected MAC address is
configured by default.
Remarks
Available in any
view
Remarks
—