display ipv6 nd anti-attack record
Usage Guidelines
Usage Scenario
You can run the display ipv6 nd anti-attack record command to view ND message attack records, thereby obtaining information about the attack source. For example, you can configure a rate at which a device processes ND messages so that the device processes only the specified number of ND messages within a specified period and discards excess ND messages. To view records about discarded ND messages, run the display ipv6 nd anti-attack record command.
Example
The actual command output varies according to the device. The command output here is only an example.
<HUAWEI> display ipv6 nd anti-attack record gigabitethernet 0/1/1 ---------------------------------------------------------------------------------- Packet Type : NA Interface Name : Gigabitethernet0/1/1 Source IP : 2001:db8:1::1 Destination IP : 2001:db8:1::2 Target IP : 2001:db8:1::1 Source MAC : 00-e0-fc-12-34-56 Destination MAC : 00-e0-fc-12-34-78 PE Vlan : - CE Vlan : - Attack Count : 12 Last Attack Time : 2021-02-18 03:42:57 Dropped Reason : VR destination ip attack limit ---------------------------------------------------------------------------------- Total: 1
| Item | Description |
|---|---|
| Packet Type | Message type. |
| Interface Name | Interface name. |
| Source IP | Source IP address. |
| Source MAC | Source MAC address. |
| Destination IP | Destination IP address. |
| Destination MAC | Destination MAC address. |
| Target IP | Target IP address. |
| PE Vlan | Outer VLAN ID. |
| CE Vlan | Inner VLAN ID. |
| Attack Count | Number of attacks. |
| Last Attack Time | Latest attack time. |
| Dropped Reason | Reason for message discarding. |
| Total | Total number. |