This section provides a sample of configuring rate limiting for protocol packets to be sent to the CPU using the edit-config method.
Operation |
XPATH |
|---|---|
edit-config |
|
Item |
Data |
Description |
|---|---|---|
Name of the attack defense policy |
test |
Set the name of the attack defense policy to test. |
Type of CPU-forwarded protocol packets to be rate-limited or discarded |
arp-request |
Rate-limit ARP Request packets to be sent to the CPU. |
CIR for protocol packets to be sent to the CPU |
8 |
Set the CIR for ARP Request packets to be sent to the CPU to 8 kbit/s. |
CBS for protocol packets to be sent to the CPU |
10000 |
Set the CBS for ARP Request packets to be sent to the CPU to 10000 bytes. |
Type of protocol packets to be rate-limited or discarded |
vbst |
Discard VBST packets to be sent to the CPU. |
Deny action for protocol packets to be sent to the CPU |
- |
Discard VBST packets to be sent to the CPU. |
Request Example
<?xml version="1.0" encoding="utf-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
<edit-config>
<target>
<running/>
</target>
<config>
<defend xmlns="urn:huawei:params:xml:ns:yang:huawei-traffic">
<policy>
<policy-list>
<name>test</name>
<car>
<packet>
<packet-type>arp-request</packet-type>
<cir>8</cir>
<cbs>10000</cbs>
</packet>
<packet>
<packet-type>vbst</packet-type>
<deny/>
</packet>
</car>
</policy-list>
</policy>
</defend>
</config>
</edit-config>
</rpc>
Response Example
# Sample of successful response
##### Ok Reply or Operation Successful ##### <?xml version='1.0' encoding='UTF-8'?> <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1"> <ok/> </rpc-reply>
# Sample of failed response
<?xml version="1.0" encoding="utf-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="1">
<rpc-error>
<error-app-tag>-1</error-app-tag>
<error-message>This packet-type capwap does not support.</error-message>
<error-info>Error on node /huawei-traffic:defend/policy/policy-list[name="test"]/car</error-info>
</rpc-error>
</rpc-reply>
Delete the configuration performed in Data Requirement 1.
Request Example
<?xml version="1.0" encoding="utf-8"?>
<rpc xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="2">
<edit-config>
<target>
<running/>
</target>
<config>
<defend xmlns="urn:huawei:params:xml:ns:yang:huawei-traffic">
<policy>
<policy-list>
<name>test</name>
<car nc:operation="remove" xmlns:nc="urn:ietf:params:xml:ns:netconf:base:1.0">
<packet>
<packet-type>arp-request</packet-type>
<cir>8</cir>
<cbs>10000</cbs>
</packet>
<packet>
<packet-type>vbst</packet-type>
<deny/>
</packet>
</car>
</policy-list>
</policy>
</defend>
</config>
</edit-config>
</rpc>
Response Example
# Sample of successful response
##### Ok Reply or Operation Successful ##### <?xml version='1.0' encoding='UTF-8'?> <rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="2"> <ok/> </rpc-reply>
# Sample of failed response
<?xml version="1.0" encoding="utf-8"?>
<rpc-reply xmlns="urn:ietf:params:xml:ns:netconf:base:1.0" message-id="2">
<rpc-error>
<error-app-tag>-1</error-app-tag>
<error-message>The configuration/operation does not support.</error-message>
<error-info>Error on node /huawei-traffic:defend/policy/policy-list[name="test"]/car</error-info>
</rpc-error>
</rpc-reply>