Got it

PORT_ATTACK_OCCUR

Created: Feb 11, 2020 11:05:41Latest reply: Feb 12, 2020 10:13:49 898 2 0 0 0
  Rewarded HiCoins: 0 (problem resolved)

Hi ,


I get an error between two sw



/4/PORTDOWNINFO(l)[315]:Interface GigabitEthernet0/0/2 has turned into DOWN state. (Information=Physical state: down, Negotiation: enable, Negotiation complete: no, Local full-duplex(10M: yes, 100M: yes, 1000M: yes), Local half-duplex(10M: yes, 100M: yes, 1000M: no), Remote full-duplex(10M: no, 100M: no, 1000M: no), Remote half-duplex(10M: no, 100M: no, 1000M: no))


%SECE/4/PORT_ATTACK_OCCUR(l)[317]:Auto port-defend started.(SourceAttackInterface=GigabitEthernet0/0/5, AttackProtocol=ARP-REQUEST)

  • x
  • convention:

Featured Answers
chenhui
Admin Created Feb 12, 2020 00:53:29

Hi @narmen
Possible causes for SECE/4/PORT_ATTACK_OCCUR
When the device detects attack packets on an interface, the device starts attack defense on the interface.
Procedure
Check whether the attack actually occurs on the interface.
If an attack actually occurs, locate the attack source. If no attack occurs, reconfigure the port attack defense function to ensure that valid protocol packets can be sent to the CPU.

For error /4/PORTDOWNINFO, from the logs, the interface turn into down state due to the negotiation failed, you might check the check the full duplex and half duplex configuration on the local and remote side.
View more
  • x
  • convention:

All Answers
chenhui
chenhui Admin Created Feb 12, 2020 00:53:29

Hi @narmen
Possible causes for SECE/4/PORT_ATTACK_OCCUR
When the device detects attack packets on an interface, the device starts attack defense on the interface.
Procedure
Check whether the attack actually occurs on the interface.
If an attack actually occurs, locate the attack source. If no attack occurs, reconfigure the port attack defense function to ensure that valid protocol packets can be sent to the CPU.

For error /4/PORTDOWNINFO, from the logs, the interface turn into down state due to the negotiation failed, you might check the check the full duplex and half duplex configuration on the local and remote side.
View more
  • x
  • convention:

Vijaykumar_Yadav
Vijaykumar_Yadav Created Feb 12, 2020 10:13:49

Run:
system-view
The system view is displayed.

Run:
cpu-defend policy policy-name
An attack defense policy is created and the attack defense policy view is displayed.

The device supports a maximum of 13 attack defense policies, including the default attack defense policy. The default attack defense policy is generated in the system by default and is applied to the device. The default attack defense policy cannot be deleted or modified. The other 12 policies can be created, modified and deleted.

(Optional) Run:
description text
The description of the attack defense policy is configured.

By default, no description is configured for an attack defense policy.
View more
  • x
  • convention:

Comment

You need to log in to comment to the post Login | Register
Comment

Notice: To protect the legitimate rights and interests of you, the community, and third parties, do not release content that may bring legal risks to all parties, including but are not limited to the following:
  • Politically sensitive content
  • Content concerning pornography, gambling, and drug abuse
  • Content that may disclose or infringe upon others ' commercial secrets, intellectual properties, including trade marks, copyrights, and patents, and personal privacy
Do not share your account and password with others. All operations performed using your account will be regarded as your own actions and all consequences arising therefrom will be borne by you. For details, see " Privacy."

My Followers

Login and enjoy all the member benefits

Login

Block
Are you sure to block this user?
Users on your blacklist cannot comment on your post,cannot mention you, cannot send you private messages.
Reminder
Please bind your phone number to obtain invitation bonus.