[x]

Configuring RA guard > About RA guard

 

 Next

About RA guard

RA guard allows Layer 2 access devices to analyze and block unwanted and forged RA messages.

Upon receiving an RA message, the device makes the forwarding or dropping decision based on the role of the attached device or the RA guard policy.

  1. If the role of the device attached to the receiving interface is router, the device forwards the RA message. If the role is host, the device drops the RA message.

  2. If no attached device role is set, the device uses the RA guard policy applied to the VLAN of the receiving interface to match the RA message.

    • If the policy does not contain match criteria, the policy will not take effect and the device forwards the RA message.

    • If the RA message content matches every criterion in the policy, the device forwards the message. Otherwise, the device drops the message.

prev

 

up

 next

Configuring RA guard 

home

 Specifying the role of the attached device

© Copyright 2017 Hewlett Packard Enterprise Development LP