The ipv6 nd ns anti-attack rate-limit command configures the rate at which Neighbor Solicitation (NS) messages are sent, that is, the number of ND messages allowed to be processed per second.
The undo ipv6 nd ns anti-attack rate-limit command restores the default configuration.
By default, 550 NS messages are sent per second.
Usage Scenario
When a device is under an attack, a large number of NS messages are received within a short period of time. As a result, lots of CPU resources are used in neighbor entry learning and response, which affects the processing of other services. To resolve this problem, run the ipv6 nd ns anti-attack rate-limit command to configure the rate at which NS messages are sent. With this configuration, when the number of NS messages received exceeds the specified threshold, the device discards the excess NS messages.