Table 23-2 – H3C Technologies H3C WX6000 Series Access Controllers User Manual
Page 172
23-6
Table 23-2 Other ARP attack defense configuration items
Item
Description
Detection Mode
Select the detection mode for source MAC address based ARP attack
detection. The detection mode can be:
Disable: The source MAC address attack detection is disabled.
Filter Mode: The device generates an alarm and filters out ARP packets
sourced from a MAC address if the number of ARP packets received
from the MAC address within five seconds exceeds the specified value.
The device only generates an alarm if the number of ARP packets sent
from a MAC address within five seconds exceeds the specified value.
Aging Time
Type the aging time of the source MAC address based ARP attack detection
entries.
Threshold
Type the threshold of source MAC address based ARP attack detection.
Source
MAC
Address
Attack
Detection
Protected MAC
Configuration
Type a protected MAC address.
A protected MAC address is excluded from ARP attack detection even if it is
an attacker. You can specify certain MAC addresses, such as that of a
gateway or an important server, as a protected MAC address.
Expand Protected MAC Configuration and contents are displayed as
shown in
. To add a protected MAC address, type a MAC
address and click Add.
Enable ARP Packet Active
Acknowledgement
Enable or disable ARP packet active acknowledgement.
Enable Source MAC Address
Consistency Check
Enable or disable source MAC address consistency check.
Figure 23-4 Protected MAC configuration