Configuration Procedure; Displaying And Maintaining Nd Attack Detection; Nd Attack Detection Configuration Example - HPE FlexNetwork 10500 Series Security Configuration Manual
Hide thumbs
Also See for FlexNetwork 10500 Series:
- Security command reference (881 pages) ,
- Network management and monitoring command reference (423 pages) ,
- Configuration manual (407 pages)
Table of Contents
Advertisement
To make the bindings effective for ND attack detection, you must specify the vlan vlan-id option
in the ipv6 source binding command, and enable ND attack detection for the same VLAN.
•
DHCPv6 snooping.
•
ND snooping.
Configuration procedure
To configure ND attack detection:
Step
1.
Enter system view.
2.
Enter VLAN view.
3.
Enable ND attack detection.
4.
Return to system view.
5.
Enter Layer 2 Ethernet or
aggregate interface view.
6.
(Optional.) Configure the
interface as ND trusted
interface.
Displaying and maintaining ND attack detection
Execute display commands in any view and reset commands in user view.
Task
Display statistics for ND messages
dropped by ND attack detection.
Clear ND attack detection statistics.
ND attack detection configuration example
Network requirements
As shown in
messages from Host A and Host B.
Command
system-view
vlan vlan-id
ipv6 nd detection enable
quit
interface interface-type
interface-number
ipv6 nd detection trust
Figure
143, configure ND attack detection on Device B to check user validity for ND
Remarks
N/A
N/A
By default, ND attack detection is
disabled.
N/A
N/A
By default, all interfaces are ND
untrusted interfaces.
Command
display ipv6 nd detection statistics [ interface interface-type
interface-number ]
reset ipv6 nd detection statistics [ interface interface-type
interface-number ]
533
Advertisement
Table of Contents
Troubleshooting
