Huawei Quidway S6500 Series Operation Manual page 103
Hide thumbs
Also See for Quidway S6500 Series:
- Supplementary manual (5 pages) ,
- Command manual (845 pages)
Table of Contents
Advertisement
Operation Manual - Network Protocol
Quidway S6500 Series Ethernet Switches
Chapter 3 ARP Source Suppression Configuration
3.1 ARP Source Suppression Overview
ARP source suppression means after receiving ARP packets, a switch classifies these
packets and restricts the maximum number of different types of ARP packets sent to
the CPU. This is an effective measure to prevent attacks to CPU from a great amount of
illegal ARP packets generated during ARP scanning in the whole network implemented
by the host.
ARP packets received by S6500 series switches can be classified as follows:
Any ARP packets (packets with any source and destination IP addresses).
Passing ARP packets with the same source IP addresses (their destination
addresses are not the IP address of the current switch).
ARP packets who have the same source IP packets and whose destination IP
packets are the IP address of the current switch.
According to the above classification, you can set the maximum number of different
types of ARP packets sent to the switch CPU within unit time. When the number of
received ARP packets is greater than the set number, the switch regards the unwanted
ARP packets illegal and discards them.
3.2 ARP Source Suppression Configuration
To prevent the CPU from attack by illegal packets, you can configure the maximum
number of different types of ARP packets sent to the CPU within unit time.
3.2.1 ARP Source Suppression Configuration Tasks
The following table describes the ARP source suppression configuration tasks.
Chapter 3 ARP Source Suppression Configuration
Huawei Technologies Proprietary
3-1
- Quick Links:
- Function Features
Hide quick links:
Advertisement
Chapters
Table of Contents
Troubleshooting
