How to configure ARP packet rate limit on S series switcheses

For S series switcheses (except S1700 switches): You can configure the rate limit on ARP packets in one of the following methods as required:
- Limiting the rate on ARP packets based on source MAC addresses (supported by the S5720EI, S5720HI, S6720EI, and all S series modular switches, but not supported by E series switches)
# Set the maximum rate of ARP packets from the specified MAC address 0-0-1 to 50 pps.
[HUAWEI] arp speed-limit source-mac 0-0-1 maximum 50
- Limiting the rate on ARP packets based on source IP addresses
# Set the maximum rate of ARP packets from the specified IP address 10.0.0.1 to 50 pps.
[HUAWEI] arp speed-limit source-ip 10.0.0.1 maximum 50
Limiting the rate on ARP packets globally, in a VLAN, or on an interface
# Configure Layer 2 interface GE0/0/1 to allow 200 ARP packets to pass through in 10 seconds, and to discard all ARP packets in 60 seconds when the number of ARP packets exceeds the limit.
[HUAWEI] interface gigabitethernet 0/0/1
[HUAWEI-GigabitEthernet0/0/1] arp anti-attack rate-limit enable
[HUAWEI-GigabitEthernet0/0/1] arp anti-attack rate-limit packet 200 interval 10 block-timer 60
- Limiting the rate on ARP packets on a VLANIF interface of a super-VLAN
# Set the maximum rate of broadcasting ARP Request packets on VLANIF interfaces in all super-VLANs to 500 pps.
[HUAWEI] arp speed-limit flood-rate 500

Scroll to top