< Home

SECE/4/USER_ATTACK

Message

SECE/4/USER_ATTACK: User attack occurred. (Slot=[STRING], SourceAttackInterface=[STRING], OuterVlan/InnerVlan=[ULONG ]/[ULONG], UserMacAddress=[STRING], AttackProtocol=[STRING], AttackPackets=[ULONG] packets per second)

Description

User attack information is generated on the device.

Parameters

Parameter Name Parameter Meaning

Slot
  • Indicates the slot ID if stacking is not configured.
  • Indicates the stack ID if stacking is configured.

SourceAttackInterface

Indicates the interface that initiates the attack.

OuterVlan

Indicates the outer VLAN ID or single VLAN ID of the attack source.

InnerVlan

Indicates the inner VLAN ID of the attack source.

UserMacAddress

Indicates the MAC address of the attack source.

AttackProtocol

Indicates the protocol type of attack packets.

AttackPackets

Indicates the rate of attack packets, in pps.

Possible Causes

A lot of attack packets from the corresponding VLAN or MAC address are received on the interface.

Procedure

  1. Run the display auto-defend attack-source command to check whether user attack packets exist.
  2. Analyze the features of attack packets, configure the traffic policy according to this information to perform CAR on the packets, and then apply this policy to the device where the attack occurred.
  3. Collect log information and configuration information, and then contact technical support personnel. You can collect diagnostic information using the display diagnostic-information command.
Parent Topic: SECE
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >