Step
2.
Enable source MAC address
based ARP attack detection
and specify the detection
mode.
3.
Configure the threshold.
4.
Configure the age timer for
ARP attack detection entries.
5.
Configure protected MAC
addresses.
NOTE:
After an ARP attack detection entry expires, ARP packets sourced from the MAC address in the entry can
be processed normally.
Displaying and maintaining source MAC address based ARP
attack detection
Task
Display attacking MAC addresses
detected by source MAC address based
ARP attack detection.
Configuration example
Network requirements
As shown in
a large number of ARP requests to the gateway, the gateway may crash and cannot process requests
from the clients. To solve this problem, configure source MAC address based ARP attack detection on the
gateway.
Figure 1
18, the hosts access the Internet through a gateway (Device). If malicious users send
Command
arp anti-attack source-mac { filter |
monitor }
arp anti-attack source-mac threshold
threshold-value
arp anti-attack source-mac aging-time time
arp anti-attack source-mac exclude-mac
mac-address&<1-10>
Command
display arp anti-attack source-mac { slot
slot-number | interface interface-type
interface-number } [ | { begin | exclude |
include } regular-expression ]
374
Remarks
Disabled by default.
Optional.
50 by default.
Optional.
300 seconds by default.
Optional.
Not configured by
default.
Remarks
Available in any view