H3C LS-3100-52P-OVS-H3 Operation Manual - page 353
3-5
ARP detection also checks source MAC address consistency of ARP packets, but it is enabled on an
access device to detect only ARP packets sent to it.
Configuring ARP Packet Source MAC Address Consistency Check
Follow these steps to enable ARP packet source MAC address consistency check:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enable ARP packet source MAC
address consistency check
arp anti-attack valid-check enable
Required
Disabled by default.
Configuring ARP Packet Rate Limit
Introduction
This feature allows you to limit the rate of ARP packets to be delivered to the CPU.
Configuring the ARP Packet Rate Limit Function
Follow these steps to configure ARP packet rate limit:
To do…
Use the command…
Remarks
Enter system view
system-view
—
Enter Ethernet port view
interface interface-type
interface-number
—
Configure ARP packet rate limit
arp rate-limit { disable | rate
pps drop }
Required
By default, the ARP packet rate
limit is enabled and is 100 pps.
Configuring ARP Detection
z
For information about DHCP snooping, refer to DHCP Configuration in the IP Services Volume.
z
For information about 802.1X, refer to 802.1X Configuration in the Security Volume.
Introduction to ARP Detection
The ARP detection feature allows only the ARP packets of legal clients to be forwarded.