Configuration procedure
To configure source MAC-based ARP attack detection:
Step | Command | Remarks |
|---|---|---|
1. Enter system view. | system-view | N/A |
2. Enable source MAC-based ARP attack detection and specify the handling method. | arp source-mac { filter | monitor } | By default, this feature is disabled. |
3. Set the threshold. | arp source-mac threshold threshold-value | The default threshold is 30. |
4. Set the aging timer for ARP attack entries. | arp source-mac aging-time time | By default, the lifetime is 300 seconds. |
5. (Optional.) Exclude specific MAC addresses from this detection. | arp source-mac exclude-mac mac-address&<1-10> | By default, no MAC address is excluded. |
![[NOTE: ]](images/note.png) | NOTE: When an ARP attack entry is aged out, ARP packets sourced from the MAC address in the entry can be processed correctly. | |