The arp anti-attack rate-limit alarm enable command enables the alarm function for ARP packets discarded when the rate of ARP packets exceeds the limit.
The undo arp anti-attack rate-limit alarm enable command disables the alarm function for ARP packets discarded when the rate of ARP packets exceeds the limit.
By default, the alarm function for ARP packets discarded when the rate of ARP packets exceeds the limit is disabled.
System view, VLAN view, Ethernet interface view, GE interface view, 40GE interface view, XGE interface view, 25GE interface view, 100GE interface view, MultiGE interface view, port group view, Eth-Trunk interface view
Usage Scenario
After rate limit on ARP packets is enabled, if you want the device to generate alarms for excessive discarded ARP packets, run the arp anti-attack rate-limit alarm enable command. When the number of discarded ARP packets exceeds the alarm threshold, the device generates an alarm.
You can set the alarm threshold using the arp anti-attack rate-limit alarm threshold command.
Prerequisites
Rate limit on ARP packets has been enabled using the arp anti-attack rate-limit enable command.
# Enable rate limit on ARP packets globally and enable the alarm function.
<HUAWEI> system-view [HUAWEI] arp anti-attack rate-limit enable [HUAWEI] arp anti-attack rate-limit alarm enable
# Enable rate limit for the ARP packets on Layer 2 interface GE0/0/1 and enable the alarm function.
<HUAWEI> system-view [HUAWEI] interface gigabitethernet 0/0/1 [HUAWEI-GigabitEthernet0/0/1] arp anti-attack rate-limit enable [HUAWEI-GigabitEthernet0/0/1] arp anti-attack rate-limit alarm enable
<HUAWEI> system-view [HUAWEI] interface gigabitethernet 0/0/1 [HUAWEI-GigabitEthernet0/0/1] undo portswitch [HUAWEI-GigabitEthernet0/0/1] arp anti-attack rate-limit enable [HUAWEI-GigabitEthernet0/0/1] arp anti-attack rate-limit alarm enable