Manualshelf

R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
491492493494495496497498499500
483
Views
System view
Default command level
2: System level
Parameters
disable: Disables ARP packet rate limit.
rate pps: Specifies the ARP packet rate in pps, in the range of 5 to 8192.
drop: Discards the exceeded packets.
slot slot-number: Specifies a card by its slot number. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number
argument specifies the ID of the IRF member device. The slot-number argument specifies the slot number
of the card. (In IRF mode.)
Examples
# Specify the ARP packet rate for the card in slot 1 as 50 pps, and exceeded packets are discarded.
<Sysname> system-view
[Sysname] arp rate-limit rate 50 drop slot 1
ARP packet source MAC consistency check
configuration commands
arp anti-attack valid-ack enable
Use arp anti-attack valid-check enable to enable ARP packet source MAC address consistency check on
the gateway.
Use undo arp anti-attack valid-check enable to restore the default.
Syntax
arp anti-attack valid-check enable
undo arp anti-attack valid-check enable
Default
ARP packet source MAC address consistency check is disabled.
Views
System view
Default command level
2: System level
Usage guidelines
After you execute the arp anti-attack valid-check enable command, the gateway device can filter out
ARP packets with the source MAC address in the Ethernet header different from the sender MAC address
in the ARP message.