AR router troubleshooting guide: ARP attacks and Drop alarms occur on a gateway device

11

For the problem that ARP attacks and Drop alarms occur on a gateway device, see the troubleshooting guide. For details, access the URL in the right column.

Other related questions:
Configure attack defense on an AR router
Attack defense mainly defends the CPU against attack packets to ensure that the server can normally run in case of an attack. Attack defense configuration is composed of the following parts: enabling attack defense, (optional) configuring flooding defense parameters, super-large ICMP packet defense parameters, and scan attack defense parameters, and checking configuration result. By default, no type of attack defense is enabled. For details about how to configure attack defense of AR series routers using command lines and through the web NMS, see the URL: AR router configuration attack defense .

Why does the AR router not raise alarms
SNMP provides the alarm control function which can be used to control the alarm output of a module. A device can raise alarms only when this function is enabled on it. To enable the alarm switch control function, perform the following steps: 1. Run the system-view command to enter the system view. 2. Run the snmp-agent trap enable command to enable the device to send alarms to the NMS. 3. Run the snmp-agent target-host trap-paramsname paramsname v1 securityname securityname [ binding-private-value ] [ trap-filterprofilename filterprofilename ] [ private-netmanager ] command to set the parameters of the Trap package sent by the device. 4. Run the snmp-agent target-host trap-hostname hostname address ipv4-addr [ udp-port udp-portid ] [ public-net | vpn-instance vpn-instance-name ] trap-paramsname paramsnam command to configure the target host to which the device sends alarms and error codes. Description: 1. The binding-private-value parameter is supported in V200R001C01 or later. 2. The private-netmanager parameter is supported in V200R002C00 or later.

How to configure ARP anti-attack on an AR router
On a network, common ARP attack methods include ARP flooding and ARP spoofing. To avoid different types of harm caused by the ARP attacks, multiple types of solutions to the ARP security features are provided according to the attack types. By configuring ARP anti-flooding
and anti-spoofing, the maintenance cost arising from ensuring normal running of a network and security of network information can be effectively reduced, thereby providing users with a more secure network environment and more stable network services. For details about the configuration procedure, see the URL: AR100&AR120&AR150&AR160&AR200&AR1200& AR1600&AR2200&AR3200&AR3600 V200R007 Product Documentation.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top