< Home

deception arp-request rate

Function

The deception arp-request rate command sets an IP address scanning threshold.

The undo deception arp-request rate command restores the IP address scanning threshold to the default value.

By default, the IP address scanning threshold is 10 times per 10 seconds.

Format

deception arp-request rate rate-number

undo deception arp-request rate

Parameters

Parameter Description Value
rate-number

Specifies an IP address scanning threshold.

The value is an integer in the range from 1 to 20000, in "times per 10 seconds".

Views

Deception view

Default Level

2: Configuration level

Usage Guidelines

If the frequency of scanning a destination IP address by a source IP address reaches the specified threshold, the switch considers the event to be a suspected attack. Once the switch detects that the scanned IP address is offline, it immediately lures the traffic to the Decoy for further detection.

Example

# Set the IP address scanning threshold to 20 times per 10 seconds.

<HUAWEI> system-view
[HUAWEI] deception
[HUAWEI-deception] deception arp-request rate 20
Parent Topic: Network Deception Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >