User's Manual

50.2 Using Filter IP to Protect Layer-3 Network
As shown in the following figure, the switch is connected to multiple LANs, servers and the Internet. IP packet
attack prevention can block cross-subnet IP scans and the large number of network connections that BitTorrent
triggers in a short time.
Set the Filter parameters. A host that sends more than 300 ARP messages in 1 minute is treated as an
attack source.
Switch# config
Switch_config# filter period 60
Switch_config# filter threshold ip 300
Enable the IP packet filter in global configuration mode and in interface mode. Note that the interfaces
connecting to the server and the external network do not need to be configured:
Switch_config# filter ip source-ip
Switch_config# interface g1/1
Switch_config_g1/1# filter ip source-ip
Switch_config_g1/1# interface g1/3
Switch_config_g1/3# filter ip source-ip
Switch_config_g1/3# exit
Switch_config#
Enable Filter:
Switch_config# filter enable
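
Added example, not from the manual: a Python check that a saved configuration contains every step of this section (period and threshold, global and per-interface `filter ip source-ip`, and `filter enable`) and reports which ports were left unfiltered. The saved-configuration layout (sub-commands indented under an `interface` line), the function name `audit_filter_ip` and port g1/2 are assumptions.

```python
import re

# Constructed sample; the indented layout and port g1/2 are assumptions, not from the manual.
SAMPLE_CONFIG = """\
filter period 60
filter threshold ip 300
filter ip source-ip
filter enable
interface g1/1
 filter ip source-ip
interface g1/2
interface g1/3
 filter ip source-ip
"""

def audit_filter_ip(config_text, exempt=()):
    """Return (settings, findings); exempt lists ports left unfiltered on purpose."""
    s = {"period": None, "threshold_ip": None, "global_source_ip": False,
         "enabled": False, "interfaces": {}}
    current = None  # interface block being read; None means global mode
    for raw in config_text.splitlines():
        line = raw.strip()
        if not line or line.startswith("!"):
            continue
        if not raw[0].isspace():
            current = None  # an unindented line ends any interface block
        if m := re.fullmatch(r"interface\s+(\S+)", line):
            current = m.group(1)
            s["interfaces"][current] = False
        elif line == "filter ip source-ip":
            target = s["interfaces"] if current else s
            target[current or "global_source_ip"] = True
        elif line == "filter enable":
            s["enabled"] = True
        elif m := re.fullmatch(r"filter (period|threshold ip) (\d+)", line):
            s[m.group(1).replace(" ", "_")] = int(m.group(2))
    # Global commands first, then every interface that lacks the per-port command.
    findings = [f"global: {cmd} missing" for key, cmd in
                (("enabled", "filter enable"), ("global_source_ip", "filter ip source-ip"),
                 ("period", "filter period"), ("threshold_ip", "filter threshold ip"))
                if not s[key]]
    findings += [f"interface {n}: filter ip source-ip missing"
                 for n, on in s["interfaces"].items() if not on and n not in exempt]
    return s, findings

if __name__ == "__main__":
    print(audit_filter_ip(SAMPLE_CONFIG, exempt=("g1/2",)))
```

Pass the server-facing and external-facing ports in `exempt` so that only unintended gaps are reported.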