Configuring ARP Source Suppression; Configuring ARP Blackhole Routing; Displaying and Maintaining Unresolvable IP Attack Protection; Configuration Example - HPE FlexNetwork 10500 Series Security Configuration Manual


After a blackhole route is created for an unresolved IP address, the device immediately starts
the first ARP blackhole route probe by sending an ARP request. If the resolution fails, the
device continues probing according to the probe settings. If the IP address resolution succeeds
in a probe, the device converts the blackhole route to a normal route. If an ARP blackhole route
ages out before the device finishes all probes, the device deletes the blackhole route and does
not perform the remaining probes.
This feature is applicable regardless of whether the attack packets have the same source
addresses.
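The probe lifecycle described above can be modelled as a small simulation. This is an added example, not code from the manual or from HPE; `aging_time` and `host_answers_at` are hypothetical inputs (the page does not state the route aging time), and the model assumes a probe succeeds as soon as the host is able to answer and that a route whose probes are exhausted stays a blackhole until it ages out.

```python
from dataclasses import dataclass


@dataclass
class Outcome:
    final_state: str   # "normal" (resolved) or "deleted" (aged out)
    probes_sent: int   # ARP requests actually sent for this route
    ended_at: float    # seconds after the blackhole route was created


def simulate_blackhole_route(aging_time, probe_count=3, probe_interval=1.0,
                             host_answers_at=None):
    """Model one ARP blackhole route from creation to conversion or deletion.

    aging_time      -- route lifetime in seconds (assumed input, not on the page)
    probe_count     -- 'arp resolving-route probe-count' (page default: 3)
    probe_interval  -- 'arp resolving-route probe-interval' (page default: 1 s)
    host_answers_at -- constructed input: time from which the target replies
                       to ARP; None means it never replies (scan traffic)
    """
    if probe_count < 1 or probe_interval <= 0 or aging_time <= 0:
        raise ValueError("probe_count, probe_interval and aging_time must be positive")
    probes_sent = 0
    for n in range(probe_count):
        t = n * probe_interval          # first probe is sent immediately (t = 0)
        if t >= aging_time:
            # Route aged out before all probes ran: remaining probes are skipped.
            return Outcome("deleted", probes_sent, aging_time)
        probes_sent += 1
        if host_answers_at is not None and host_answers_at <= t:
            # Resolution succeeded: blackhole route becomes a normal route.
            return Outcome("normal", probes_sent, t)
    # Assumption: once probes are exhausted the route keeps dropping traffic
    # until it ages out.
    return Outcome("deleted", probes_sent, aging_time)


if __name__ == "__main__":
    # Constructed scenarios; aging_time=25 is an illustrative value only.
    print(simulate_blackhole_route(25, host_answers_at=1.5))
    print(simulate_blackhole_route(25))
    print(simulate_blackhole_route(12, probe_count=5, probe_interval=5))
```

In this model, a legitimate host that starts answering only after the last probe stays behind the blackhole route until aging, which is the trade-off to weigh when tuning the probe count and interval.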

Configuring ARP source suppression

| Step | Command | Remarks |
|---|---|---|
| 1. Enter system view. | system-view | N/A |
| 2. Enable ARP source suppression. | arp source-suppression enable | By default, ARP source suppression is disabled. |
| 3. Set the maximum number of unresolvable packets that the device can process per source IP address within 5 seconds. | arp source-suppression limit limit-value | By default, the maximum number is 10. |

Configuring ARP blackhole routing

| Step | Command | Remarks |
|---|---|---|
| 1. Enter system view. | system-view | N/A |
| 2. Enable ARP blackhole routing. | arp resolving-route enable | By default, ARP blackhole routing is enabled. |
| 3. (Optional.) Set the number of ARP blackhole route probes for each unresolved IP address. | arp resolving-route probe-count count | The default setting is three probes. |
| 4. (Optional.) Set the interval at which the device probes ARP blackhole routes. | arp resolving-route probe-interval interval | The default setting is 1 second. |

Displaying and maintaining unresolvable IP attack protection

Execute display commands in any view.

| Task | Command |
|---|---|
| Display ARP source suppression configuration information. | display arp source-suppression |

Configuration example

Network requirements
As shown in Figure 136, a LAN contains two areas: an R&D area in VLAN 10 and an office area in VLAN 20. Each area connects to the gateway (Device) through an access switch.
