auto-port-defend alarm enable

Function

The auto-port-defend alarm enable command enables reporting of port attack defense events.

The undo auto-port-defend alarm enable command disables reporting of port attack defense events.

By default, port attack defense events are not reported.

Format

auto-port-defend alarm enable

undo auto-port-defend alarm enable

Parameters

None

Views

Attack defense policy view

Default Level

2: Configuration level

Usage Guidelines

Usage Scenario

If a port is subjected to a DoS attack, the attack packets sent from this port to the CPU occupy bandwidth. As a result, the CPU cannot process protocol packets sent from other ports, and services are interrupted. In this situation, you can enable reporting of port attack defense events. When the rate of protocol packets on a port exceeds the check threshold, the switch reports an event to notify the network administrator, who can then promptly take measures to protect the switch.

Prerequisites

The port attack defense function has been enabled using the auto-port-defend enable command.

Follow-up Procedure

Run the auto-port-defend protocol { all | arp-request | arp-reply | dhcp | icmp | igmp | ip-fragment } threshold threshold command to set the threshold for protocol packet check in port attack defense.

Example

# Enable reporting of port attack defense events in the attack defense policy test.

<HUAWEI> system-view
[HUAWEI] cpu-defend policy test
[HUAWEI-cpu-defend-policy-test] auto-port-defend enable
[HUAWEI-cpu-defend-policy-test] auto-port-defend alarm enable
Copyright © Huawei Technologies Co., Ltd.