3com 5500-ei pwr Reference Guide

Page of 1314
 
4-7 
system-guard tcn enable 
Syntax 
system-guard tcn enable 
undo system-guard tcn enable 
View 
System view 
Parameters 
None 
Description 
Use the system-guard tcn enable command to enable System Guard against TCN attacks.  
Use the undo system-guard tcn enable command to disable System Guard against TCN attacks. 
With this feature enabled, System Guard monitors the TCN/TC packet receiving rate on the ports. If the 
rate exceeds the preset threshold, the system will output trap and log information to notify the user and 
starts to send only on TCN/TC packet to the CPU in a 10-second cycle. This can prevent MAC and ARP 
entries from being frequently deleted by STP or RSTP; in addition, when the TCN/TC packet rate 
exceeds the preset threshold, proper measures can be taken based on the output trap and log 
information.  
By default, this feature is disabled.  
Examples 
# Enable System Guard against TCN attacks.  
<Sysname> system-view 
System View: return to User View with Ctrl+Z. 
[Sysname] system-guard tcn enable 
system-guard tcn rate-threshold 
Syntax 
system-guard tcn rate-threshold rate-threshold 
undo system-guard tcn rate-threshold 
View 
System view 
Parameters 
rate-threshold: TCN/TC packet receiving rate in packets per second (pps), with an effective range of 1 
to 20. 
Description 
Use the system-guard tcn rate-threshold command to set the threshold of TCN/TC packet receiving 
rate, which will trigger the output of trap and log information.