Received an ARP packet with a duplicate IP address from the interface. (InterfaceName=[InterfaceName], IpAddress=[IpAddress], MacAddress=[MacAddress], PE-VLAN=[PeVLAN], CE-VLAN=[CeVLAN])
An interface received an ARP packets carrying an IP address the same as an existing one.
| Trap Attribute | Description |
|---|---|
Alarm or Event |
Event |
Trap Severity |
Warning |
Mnemonic Code |
ARP_DUPLICATE_IPADDR |
Trap OID |
1.3.6.1.4.1.2011.5.25.165.2.2.2.1 |
MIB |
HUAWEI-SECURITY-MIB |
Alarm ID |
This is an event trap and does not involve alarm ID. |
Alarm Name |
This is an event trap and does not involve alarm name. |
Alarm Type |
This is an event trap and does not involve alarm type. |
Raise or Clear |
This is an event trap and does not involve alarm generation or clearance. |
Match trap |
- |
| Parameter | Description |
|---|---|
InterfaceName |
Name of an interface. |
IpAddress |
IP address that is conflicted with the existing one. |
MacAddress |
MAC address. |
PeVLAN |
Outer VLAN. |
CeVLAN |
Inner VLAN. |
| VB OID | VB Name | VB Index |
|---|---|---|
1.3.6.1.4.1.2011.5.25.165.2.1.2.1 |
hwArpsSourceInterface |
- |
1.3.6.1.4.1.2011.5.25.165.2.1.2.2 |
hwArpsSourceIp |
- |
1.3.6.1.4.1.2011.5.25.165.2.1.2.3 |
hwArpsSourceMac |
- |
1.3.6.1.4.1.2011.5.25.165.2.1.2.4 |
hwArpsPVlan |
- |
1.3.6.1.4.1.2011.5.25.165.2.1.2.5 |
hwArpsCVlan |
- |
Check the devices with the same IP address on the network according to the conflicting VLAN, interface, and IP address in the log. Modify the interface IP address according to the address planning to remove the address conflict.
Find the attack source according to the conflicting VLAN, interface, and IP address in the log, and configure the device to prevents ARP spoofing attacks. In addition, you are advised to remove virus from the PC or server in the attacked network.