D-Link DES-7200 Cli Reference Manual page 1001

DES-7200 CLI Reference Guide
Command
mode
Usage
guidelines
Global configuration mode.
When the packet transmission rate exceeds the value, the
attack action is detected and it prompts the warning
message and the TRAP packets are sent.
The warning message will be prompted like :
*Dec 27 15:34:16: %ARPGUARD-4-DOS_DETECTED: ARP DoS atta
ck was detected.
This message informs the administrator of detecting the
ARP attack only, without the user attribute information.
The administrator shall execute the show arp-guard u
sers command to view the detailed informtion about th
e attackers. Note that it is not recommended for the a
dministrator to set the isolated time to 0, because the
attack attributes willnot be saved in the isolated user ta
ble if the isolated time is 0.
If the administrator sets the isolated time to 0, the TRA
P message sent when the attack action was detected c
ontains the following information(if vlan=0, it is a route
port.):
ARP DoS attack from user<IP=N/A,MAC=0000.0000.0004,port=
Gi4/1,VLAN=1> detected.
If the administrator sets the isolated time to any value
except for 0, it prompts the additional information of the sent
TRAP message sent as follows when the hardware has
been isolated successfully:
User<IP=N/A,MAC=0000.0000.0004,port=Gi4/1,VLAN=1>
isolated.
When it fails to isolate the hardware due to insufficient
memory and hardware resources, it will prompt the
additional information of the sent TRAP messages:
Failed to isolate user<IP=N/A,MAC=0000.0000.0004,port=G
i4/1,VLAN=1>.
You shall pay attention to:
1. It is possible that the legal ARP packets are learnt
Chapter 53 NFPP Configuration Commands
is
53-5