ND_1.3.6.1.4.1.2011.5.25.332.2.10 hwNDAntiAttackRateLimit

Trap Buffer Description

Packet speed exceeded the configured speed-limit value. (PacketType=[PktType], SuppressValue=[SupVal], CurrentValue=[CurVal], SuppressType=[SupType], InterfaceName=[IfName], WorkIfName=[WorkIfName], SourceMacAddress=[SrcMac], DestinationMacAddress=[DstMac], SourceAddress=[SrcIp], DestinationAddress=[DstIp], TargetAddress=[TgtIp], PE-VLAN=[PeVlan], CE-VLAN=[CeVlan])

The received rate of ND packets or ND miss messages exceeded the configured rate limit.

In VS mode, this trap is supported only by the admin VS.

Trap Attributes

Trap Attribute	Description
Alarm or Event	Event
Trap Severity	Warning
Mnemonic Code	ND_RCV_RATELIMIT
Trap OID	1.3.6.1.4.1.2011.5.25.332.2.10
MIB	HUAWEI-ND-MIB
Alarm ID	This is an event trap and does not involve alarm ID.
Alarm Name	This is an event trap and does not involve alarm name.
Alarm Type	This is an event trap and does not involve alarm type.
Raise or Clear	This is an event trap and does not involve alarm generation or clearance.
Match trap	-

Trap Buffer Parameters

Parameter	Description
PktType	Type of packets that are suppressed.
SupVal	Rate limit of ND packets or ND miss messages.
CurVal	Current rate of ND packets or ND miss messages.
SupType	Suppress type.
IfName	Interface name.
WorkIfName	Work interface name.
SrcMac	Source MAC address.
DstMac	Destination MAC address.
SrcIp	Source IP address.
DstIp	Destination IP address.
TgtIp	Target IP address.
PeVlan	Outer VLAN ID.
CeVlan	Inner VLAN ID.

VB Parameters

VB OID	VB Name	VB Index
1.3.6.1.4.1.2011.5.25.332.1.6.1.1	hwNDLimitPacketType	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.2	hwNDLimitSuppressVal	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.3	hwNDLimitCurrentVal	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.4	hwNDLimitSuppressType	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.5	hwNDLimitIf	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.6	hwNDLimitWorkIf	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.7	hwNDLimitSrcMAC	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.8	hwNDLimitDstMAC	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.9	hwNDLimitSrcIP	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.10	hwNDLimitDstIP	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.11	hwNDLimitTargetIP	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.12	hwNDLimitPeVLAN	hwNDLimitPacketType
1.3.6.1.4.1.2011.5.25.332.1.6.1.13	hwNDLimitCeVLAN	hwNDLimitPacketType

Impact on the System

If ND packets are suppressed, the received rate of ND packets exceeds the configured rate limit.

As a result, some ND packets are discarded and traffic cannot be forwarded normally.

If ND miss messages are suppressed, the transmit rate of ND miss messages exceeds the configured rate limit.

As a result, some ND miss messages are discarded and NS packets cannot be triggered. Therefore, traffic cannot be forwarded normally.

Possible Causes

Cause 1: The rate of receiving ND packets based on the source MAC address exceeded the configured rate limit.

Cause 2: The rate of receiving ND packets based on the source IP address exceeded the configured rate limit.

Cause 3: The rate of receiving ND packets based on the destination IP address exceeded the configured rate limit.

Cause 4: The rate at which ND packets are received based on the destination IP address exceeds the configured rate limit.

Cause 5: The rate of receiving VR-based ND packets exceeds the configured rate limit.

Cause 6: The rate at which ND Miss messages are received based on VR exceeds the configured rate limit.

Cause 7: The rate at which ND packets are received based on the source IP address of the interface exceeds the configured rate limit.

Cause 8: The rate at which interface-based ND packets are received exceeded the configured rate limit.

Cause 9: The rate at which ND Miss messages are received on an interface exceeded the configured rate limit.

Cause 10: The rate at which ND packets are received based on LR exceeds the configured rate limit.

Cause 11: The rate at which ND Miss messages are received based on LR exceeds the configured rate limit.

Procedure

1. Check the value of SuppressType.

2. Run the display ipv6 nd anti-attack rate-limit configuration command to check the rate limit for ND packets or ND Miss messages.

3. Adjust the value of the corresponding command according to the prompt in Step 1.

If Suppress Type is SRCIP, run the ipv6 nd {ns |na | rs | ra | miss} anti-attack rate-limit source-ip maximum command in the system view or the ipv6 nd {ns |na | rs | ra} anti-attack rate-limit source-ip all maximum command in the system view.
If Suppress Type is SRCMAC, run the ipv6 nd {ns |na | rs | ra} anti-attack rate-limit source-mac maximum command in the system view or run the ipv6 nd {ns |na | rs | ra} anti-attack rate-limit source-mac all maximum command in the system view.
When Suppress Type is set to INTERFACE(Interface), run the ipv6 nd {ns | na | rs | ra} anti-attack rate-limit command in the interface view or run the ipv6 nd miss anti-attack rate-limit command in the interface view.
If Suppress Type is INTERFACESRCIP, run the ipv6 nd {ns | na | rs | ra | miss} anti-attack rate-limit source-ip maximum command in the interface view.
If Suppress Type is set to VSGLOBAL, run the ipv6 nd {ns | na | rs | ra} anti-attack rate-limit or ipv6 nd miss anti-attack rate-limit command in the system view.
If SuppressType is set to LSGLOBAL, the overall rate limit does not need to be adjusted.
If Suppress Type is set to DSTIP, run the ipv6 nd {ns | na | rs | ra} anti-attack rate-limit destination-ip maximum command in the system view or run the ipv6 nd {ns |na | rs | ra} anti-attack rate-limit destination-ip all maximum command in the system view.
If Suppress Type is set to TGTIP, run the ipv6 nd {ns | na} anti-attack rate-limit target-ip maximum command in the system view or run the ipv6 nd {ns |na} anti-attack rate-limit target-ip all maximum command in the system view.

4. Reconfigure the rate limit for ND packets or ND Miss packets (the value must be greater than the value queried in step 2) and check whether logs are reported.

If so, go to Step 5.
If not, go to Step 6.

5. Collect log and configuration information, and contact Huawei technical support personnel.

6. End.