ND VLAN CAR allows you to limit the rate of ND packets on the attacked interface without affecting other interfaces. This minimizes the impact of attacks on devices and services. After the alarm function is enabled for ND VLAN CAR and the number of ND packets to be sent to the CPU exceeds the threshold configured for ND VLAN CAR, an alarm is reported.
The system view is displayed.
The slot view is displayed.
The alarm function is enabled for ND VLAN CAR.
In VS mode, this feature is supported only by the admin VS.
Return to the system view.
The interface view is displayed.
The rate limit of ND VLAN CAR for ND packets on an interface is configured.
Return to the system view.
After configuring ND VLAN CAR, verify the configuration.
Run the display ipv6 nd { na | ns-multicast | ns-unicast } rate-limit interface { interface-type interface-num | interface-name } command to check the ND packet rate limit of an interface.
Run the display ipv6 nd { na | ns-multicast | ns-unicast } attack interface { interface-type interface-num | interface-name } [ vlan-id vlan-number | pe-vid pe-vid ce-vid ce-vid ] [ history ] command to check the ND attack information on an interface.
Run the display ipv6 nd { na | ns-multicast | ns-unicast } attack slot { slotid | all } [ history ] command to check the ND attack information of a slot.