[x]

Configuring unresolvable IP attack protection > Configuring ARP blackhole routing

 

 Next

Configuring ARP blackhole routing

Restrictions and guidelines

Set the ARP blackhole route probe count to a big value, for example, 25. If the device fails to reach the destination IP address temporarily and the probe count is too small, all probes might finish before the problem is resolved. As a result, non-attack packets will be dropped. This setting can avoid such situation.

Procedure

  1. Enter system view.

    system-view

  2. Enable ARP blackhole routing.

    arp resolving-route enable

    ARP blackhole routing is enabled.

  3. (Optional.) Set the number of ARP blackhole route probes for each unresolved IP address.

    arp resolving-route probe-count count

    The default setting is three probes.

  4. (Optional.) Set the interval at which the device probes ARP blackhole routes.

    arp resolving-route probe-interval interval

    The default setting is 1 second.

prev

 

up

 next

Configuring ARP source suppression 

home

 Display and maintenance commands for unresolvable IP attack protection

© Copyright 2017 Hewlett Packard Enterprise Development LP