Configuring Arp Source Suppression; Enabling Arp Blackhole Routing; Displaying And Maintaining Unresolvable Ip Attack Protection; Configuration Example - HP FlexFabric 5930 Series Security Configuration Manual


ARP source suppression—If the attack packets have the same source address, you can enable the
ARP source suppression function, and set the maximum number of unresolvable IP packets that the
device can receive from a host within 5 seconds. If the threshold is reached, the device stops
resolving packets from the host until the 5 seconds elapse.
ARP blackhole routing—You can enable the ARP blackhole routing function regardless of whether
the attack packets have the same source address. After receiving an unresolvable IP packet, the
device creates a blackhole route destined for that IP address and drops all the matching packets
until the blackhole route ages out.
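
The following Python model is an added illustration, not part of the HP manual and not device code. It contrasts the two functions: source suppression counts per source host, while a blackhole route is keyed on the destination IP address. The 25-second aging time, the fixed-window counting, the class and function names, and all addresses are assumptions constructed for the example.

```python
WINDOW = 5.0          # seconds, as stated in the manual text
BLACKHOLE_AGE = 25.0  # assumed aging time; the page does not give one

class Gateway:
    """Toy model of the two protections (not device code)."""
    def __init__(self, suppression=False, blackhole=False, limit=10):
        self.suppression, self.blackhole, self.limit = suppression, blackhole, limit
        self.windows = {}      # source IP -> (window start, packets counted)
        self.blackholes = {}   # destination IP -> route expiry time
        self.resolutions = 0   # ARP resolution attempts the device makes

    def unresolvable_packet(self, now, src, dst):
        """Handle one IP packet whose destination has no ARP entry."""
        if self.blackhole and self.blackholes.get(dst, 0.0) > now:
            return "dropped"                      # matches a live blackhole route
        if self.suppression:
            start, count = self.windows.get(src, (now, 0))
            if now - start >= WINDOW:             # 5 seconds elapsed: new window
                start, count = now, 0
            if count >= self.limit:
                return "suppressed"               # threshold reached for this host
            self.windows[src] = (start, count + 1)
        self.resolutions += 1
        if self.blackhole:
            self.blackholes[dst] = now + BLACKHOLE_AGE
        return "resolving"

def run(gateway, packets):
    """Feed (time, src, dst) tuples; return the number of resolution attempts."""
    for now, src, dst in packets:
        gateway.unresolvable_packet(now, src, dst)
    return gateway.resolutions

# Constructed traffic: 200 unresolvable packets in 2 seconds.
SAME_SRC = [(i * 0.01, "10.1.1.5", f"10.1.2.{i + 1}") for i in range(200)]
MANY_SRC = [(i * 0.01, f"10.1.1.{i + 1}", "10.1.2.250") for i in range(200)]

if __name__ == "__main__":
    for name, traffic in (("same source", SAME_SRC), ("varied sources", MANY_SRC)):
        for kwargs in ({"suppression": True}, {"blackhole": True}):
            print(name, kwargs, run(Gateway(**kwargs), traffic))
```

In this model, source suppression alone leaves a varied-source flood uncapped, and blackhole routing alone does not cap one host probing many distinct unresolvable addresses, which is why the configuration example enables both.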

Configuring ARP source suppression

| Step | Command | Remarks |
|---|---|---|
| 1. Enter system view. | system-view | N/A |
| 2. Enable ARP source suppression. | arp source-suppression enable | By default, ARP source suppression is disabled. |
| 3. Set the maximum number of unresolvable packets that the device can receive from a host within 5 seconds. | arp source-suppression limit limit-value | By default, the maximum number is 10. |

Enabling ARP blackhole routing

| Step | Command | Remarks |
|---|---|---|
| 1. Enter system view. | system-view | N/A |
| 2. Enable ARP blackhole routing. | arp resolving-route enable | By default, ARP blackhole routing is enabled. |

Displaying and maintaining unresolvable IP attack protection

Execute display commands in any view.

| Task | Command |
|---|---|
| Display ARP source suppression configuration information. | display arp source-suppression |

Configuration example

Network requirements

As shown in Figure 46, a LAN contains two areas: an R&D area in VLAN 10 and an office area in VLAN 20. Each area connects to the gateway (Device) through an access switch.

A large number of ARP requests are detected in the office area and are considered as the consequence of an unresolvable IP attack. To prevent such attacks, configure ARP source suppression and ARP blackhole routing.
