Configuration Example - HP MSR Series Configuration Manual
Hpe flexnetwork msr router series
Hide thumbs
Also See for MSR Series:
- Configuration manual (889 pages) ,
- Command reference manual (684 pages) ,
- Wan access configuration manual (293 pages)
Table of Contents
Advertisement
Configuration example
Network requirements
As shown in
VLAN 20. Each area connects to the gateway (Device) through an access switch.
A large number of ARP requests are detected in the office area and are considered an attack caused
by unresolvable IP packets. To prevent the attack, configure ARP source suppression and ARP
blackhole routing.
Figure 162 Network diagram
Host A
Configuration considerations
If the attack packets have the same source address, configure the ARP source suppression feature
as follows:
1.
Enable ARP source suppression.
2.
Set the threshold to 100. If the number of unresolvable IP packets received from a host within 5
seconds exceeds 100, the device stops resolving packets from the host until the 5 seconds
elapse.
If the attack packets have different source addresses, enable the ARP blackhole routing feature on
the gateway.
Configuration procedure
# Enable ARP source suppression and set the threshold to 100.
<Device> system-view
[Device] arp source-suppression enable
[Device] arp source-suppression limit 100
# Enable ARP blackhole routing.
[Device] arp resolving-route enable
Figure
162, a LAN contains two areas: an R&D area in VLAN 10 and an office area in
IP network
Gateway
Device
VLAN 10
Host B
R&D
ARP attack protection
VLAN 20
Host C
Office
526
Host D
- Quick Links:
- Configuring Local Users
Hide quick links:
Advertisement
Table of Contents
Troubleshooting
