Source Mac Address Based Arp Attack Detection Configuration Commands; Arp Anti-Attack Source-Mac - HP 6125G Command Reference Manual
Security command reference
Hide thumbs
Also See for 6125G:
- Command reference manual (426 pages) ,
- Configuration manual (379 pages) ,
- Release note (60 pages)
Table of Contents
Advertisement
Parameters
disable: Disables ARP packet rate limit.
rate pps: Specifies the ARP packet rate in pps, in the range of 50 to 500.
drop: Discards the exceeded packets.
Description
Use arp rate-limit to configure or disable ARP packet rate limit on an interface.
Use undo arp rate-limit to restore the default.
By default, ARP packet rate limit is enabled, and the ARP packet rate limit is 100 pps.
Examples
# Specify the ARP packet rate on layer 2 Ethernet port GigabitEthernet 1/0/1 as 50 pps, and exceeded
packets will be discarded.
<Sysname> system-view
[Sysname] interface gigabitethernet 1/0/1
[Sysname-GigabitEthernet1/0/1] arp rate-limit rate 50 drop
Source MAC address based ARP attack detection
configuration commands
arp anti-attack source-mac
Syntax
arp anti-attack source-mac { filter | monitor }
undo arp anti-attack source-mac [ filter | monitor ]
View
System view
Default level
2: System level
Parameters
filter: Specifies the filter mode.
monitor: Specifies the monitor mode.
Description
Use arp anti-attack source-mac to enable source MAC address based ARP attack detection and specify
the detection mode.
Use undo arp anti-attack source-mac to restore the default.
By default, source MAC address based ARP attack detection is disabled.
After you enable this feature, the device checks the source MAC address of ARP packets received from
the VLAN. It detects an attack when one MAC address sends more ARP packets in five seconds than the
specified threshold. Upon detecting an attack, the device does the following:
254
Advertisement
Table of Contents
