3com S7906E Installation Instructions

Displaying and Maintaining ARP Defense Against IP Packet Attacks 
To do… | Use the command… | Remarks
Display the ARP source suppression configuration information | display arp source-suppression | Available in any view
 
Configuring ARP Active Acknowledgement 
Introduction 
Typically, the ARP active acknowledgement feature is configured on gateway devices to identify invalid 
ARP packets. 
ARP active acknowledgement works before the gateway creates or modifies an ARP entry to avoid 
generating any incorrect ARP entry. For details about its working mechanism, refer to the ARP Attack 
Protection Technology White Paper.
Configuring the ARP Active Acknowledgement Function 
Follow these steps to configure ARP active acknowledgement: 
To do… | Use the command… | Remarks
Enter system view | system-view | —
Enable the ARP active acknowledgement function | arp anti-attack active-ack enable | Required. Disabled by default.
 
Configuring Source MAC Address Based ARP Attack Detection 
Introduction 
This feature allows the device to check the source MAC address of ARP packets. If the number of ARP 
packets sent from a MAC address within five seconds exceeds the specified value, the device 
considers this an attack and adds the MAC address to the attack detection table. Before the attack 
detection entry is aged out, the device generates an alarm and filters out ARP packets sourced from 
that MAC address (in filter mode), or only generates an alarm (in monitor mode). 
A gateway or critical server may send a large number of ARP packets. To prevent these ARP packets 
from being discarded, you can specify the MAC address of the gateway or server as a protected MAC 
address. A protected MAC address is excluded from ARP attack detection even if it is the source of an attack. 
Only ARP packets delivered to the CPU are subject to detection. 
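The detection behaviour described above, modelled in Python as an added example (not 3Com code and not part of the original manual). The threshold and aging-time values, the sliding-window counting and the single alarm per table entry are assumptions; the MAC addresses and traffic are constructed.

```python
from collections import defaultdict, deque

WINDOW = 5.0  # seconds; the counting interval stated in the text


class SourceMacArpDetector:
    """Toy model of source-MAC-based ARP attack detection (not device code)."""

    def __init__(self, threshold, aging_time, mode="filter", protected=()):
        self.threshold = threshold        # assumed: max ARP packets per window
        self.aging_time = aging_time      # assumed: seconds an entry stays listed
        self.mode = mode                  # "filter" or "monitor"
        self.protected = {m.lower() for m in protected}
        self.recent = defaultdict(deque)  # MAC -> timestamps inside the window
        self.table = {}                   # attack detection table: MAC -> expiry
        self.alarms = []                  # (time, MAC), one per new table entry

    def handle(self, ts, src_mac):
        """Return 'forward' or 'drop' for one ARP packet delivered to the CPU."""
        mac = src_mac.lower()
        if mac in self.protected:         # protected MACs are never checked
            return "forward"
        listed_verdict = "drop" if self.mode == "filter" else "forward"
        expiry = self.table.get(mac)
        if expiry is not None:
            if ts < expiry:               # entry still live
                return listed_verdict
            del self.table[mac]           # entry aged out; counting starts fresh
            self.recent[mac].clear()
        window = self.recent[mac]
        window.append(ts)
        while ts - window[0] >= WINDOW:   # forget packets older than five seconds
            window.popleft()
        if len(window) > self.threshold:  # count exceeds the specified value
            self.table[mac] = ts + self.aging_time
            self.alarms.append((ts, mac))
            return listed_verdict
        return "forward"


def replay(packets, **kwargs):
    """Run constructed (timestamp, source MAC) pairs through a fresh detector."""
    det = SourceMacArpDetector(**kwargs)
    return [det.handle(ts, mac) for ts, mac in packets], det


# Constructed traffic: a noisy host and a gateway, each sending 10 ARP packets/s.
NOISY, GATEWAY = "00:11:22:33:44:55", "00:aa:bb:cc:dd:ee"
SAMPLE = [(i / 10, m) for i in range(40) for m in (NOISY, GATEWAY)]
```

Replaying SAMPLE with the gateway protected lists only the noisy host; replaying it without protection lists the gateway as well, which is the false positive the protected MAC setting exists to prevent.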
Configuration Procedure 
Follow these steps to configure source MAC address based ARP attack detection: 
To do… | Use the command… | Remarks
Enter system view | system-view | —