Specifications

ManualsBrandsDigitalchina Networks ManualsComputer equipmentDCS-3950 series

341

342

343

344

345

346

347

348

349

350

337

DCS-3950 series Ethernet switch manual

21.2.2.3 anti-arpscan ip-based threshold <threshold-value>

Command：anti-arpscan ip-based threshold <threshold-value>

no anti-arpscan ip-based threshold

Function：Set the threshold of received messages of the IP-based ARP scanning

prevention. If the rate of received ARP messages exceeds the threshold, the IP

messages from this IP will be blocked. The unit is packet/second. The ‘no anti-arpscan

ip-based threshold’ command will reset the default value, 3 packets per second.

Parameters：rate threshold, ranging from 2 to 200.

Default：3 packets per second

Command mode：Global Mode

User Guide：the threshold of port-based ARP scanning prevention should be larger than

the threshold of IP-based ARP scanning prevention, or, the IP-based ARP scanning

prevention will fail.

Example：Set the threshold of IP-based ARP scanning prevention as 6 packets per

second.

Switch(Config)#anti-arpscan port-based threshold 6

21.2.2.4 anti-arpscan trust <port|supertrust-port>

Command：anti-arpscan trust <port | supertrust-port>

no anti-arpscan trust <port | supertrust-port>

Function：Configure a port as a trusted port or a super trusted port;’ no anti-arpscan trust

<port | supertrust-port>‘command will reset the port as an untrusted port.

Parameters：None.

Default：By default all the ports are non- trustful.

Command mode：Port Mode.

User Guide：If a port is configured as a trusted port, then the ARP scanning prevention

function will not deal with this port, even if the rate of received ARP messages exceeds

the set threshold, this port will not be closed, but the non- trustful IP of this port will still be

checked. If a port is set as a super non- trustful port, then neither the port nor the IP of

the port will be dealt with. If the port is already closed by ARP scanning prevention, it will

be opened right after being set as a trusted port.

Example：Set port ethernet 1/5 of the switch as a trusted port

Switch(Config)#interface ethernet 0/0/5

Switch(Config-if-ethernet 0/0/5)# anti-arpscan trust port

21.2.2.5 anti-arpscan trust ip <ip-address> [<netmask>]

Command：anti-arpscan trust ip <ip-address [<netmask>]>

no anti-arpscan trust ip <ip-address [<netmask>]>

Function ： Configure trusted IP;’ no anti-arpscan trust ip

<ip-address[<netmask>]>‘command reset the IP to non-trustful IP.

Parameters：Net mask of the IP