[x]

Configuring source MAC-based ARP attack detection > Example: Configuring source MAC-based ARP attack detection

 

 Next

Example: Configuring source MAC-based ARP attack detection

Network configuration

As shown in Figure 159, the hosts access the Internet through a gateway (Device). If malicious users send a large number of ARP requests to the gateway, the gateway might crash and cannot process requests from the clients. To solve this problem, configure source MAC-based ARP attack detection on the gateway.

Figure 159: Network diagram

Procedure

# Enable source MAC-based ARP attack detection, and specify the handling method as filter.

<Device> system-view
[Device] arp source-mac filter

# Set the threshold to 30.

[Device] arp source-mac threshold 30

# Set the lifetime for ARP attack entries to 60 seconds.

[Device] arp source-mac aging-time 60

# Exclude MAC address 0012-3f86-e94c from this detection.

[Device] arp source-mac exclude-mac 0012-3f86-e94c

prev

 

up

 next

Display and maintenance commands for source MAC-based ARP attack detection 

home

 Configuring ARP packet source MAC consistency check

© Copyright 2017 Hewlett Packard Enterprise Development LP