Configuring Arp Packet Rate Limit - HP A5830 Series Configuration Manual

Security switch

Hide thumbs Also See for A5830 Series:

Command reference manual (249 pages)

Configuration manual (246 pages)

Configuration manual (152 pages)

Table Of Contents

100

101

102

103

104

105

106

107

108

109

110

111

112

113

114

115

116

117

118

119

120

121

122

123

124

125

126

127

128

129

130

131

132

133

134

135

136

137

138

139

140

141

142

143

144

145

146

147

148

149

150

151

152

153

154

155

156

157

158

159

160

161

162

163

164

165

166

167

168

169

170

171

172

173

174

175

176

177

178

179

180

181

182

183

184

185

186

187

188

189

190

191

192

193

194

195

196

197

198

199

200

201

202

203

204

205

206

207

208

209

210

211

212

213

214

215

216

217

218

219

220

221

222

223

224

225

226

227

228

229

230

231

232

233

234

235

236

237

238

239

240

241

242

243

244

245

246

247

248

249

250

251

252

253

254

255

256

257

258

259

260

261

262

263

264

265

266

267

268

269

270

271

272

273

274

275

276

277

278

279

280

Table of Contents

Configuration considerations

If the attacking packets have the same source address, you can enable the ARP source suppression

function by doing the following:

Enable ARP source suppression.

•

Set the threshold for ARP packets from the same source address to 100. If the number of ARP

•

requests sourced from the same IP address in 5 seconds exceeds 100, the device suppresses the IP

packets sourced from this IP address from triggering any ARP requests within the following 5

seconds.

If the attacking packets have different source addresses, enable the ARP black hole routing function on

the device.

Configuration procedure

ARP source suppression configuration

# Enable ARP source suppression on the device, and set the threshold for ARP packets from the same

source address to 100.

<Device> system-view

[Device] arp source-suppression enable

[Device] arp source-suppression limit 100

ARP black hole routing configuration

# Enable ARP black hole routing on the device.

<Device> system-view

[Device] arp resolving-route enable

Configuring ARP packet rate limit

The ARP packet rate limit feature allows you to limit the rate of ARP packets to be delivered to the CPU

on a switch. For example, if an attacker sends a large number of ARP packets to an ARP detection

enabled device, the CPU of the device becomes overloaded because all the ARP packets are redirected

to the CPU for checking. As a result, the device fails to deliver other functions properly or even crashes.

To solve this problem, configure ARP packet rate limit.

Enable this feature after the ARP detection feature is configured, or use this feature to prevent ARP flood

attacks.

To configure ARP packet rate limit:

To do...

Enter system view.

Enter Layer 2 Ethernet

interface/Layer 2

aggregate interface view.

Configure ARP packet rate

limit.

Use the command...

system-view

interface interface-type

interface-number

arp rate-limit { disable | rate

pps drop }

226

Remarks

—

Required.

By default, the ARP packet rate limit is

enabled and is 100 pps.

Table of Contents

Configuring Arp Packet Rate Limit - HP A5830 Series Configuration Manual

Configuring ARP packet rate limit

Troubleshooting

Related Manuals for HP A5830 Series

Related Content for HP A5830 Series

Table of Contents