Huawei port-defend configuration

Sometimes the log contains messages about "Auto port-defend started" for specific protocols. By default, Huawei has port-defend configured for different protocols; this can be adjusted or disabled.

As an example, the following message is displayed in the logbuffer when automatic port-defend is started (in this case for IGMP):

Jun 20 2023 15:08:42+01:00 netcamp %%01SECE/4/PORT_ATTACK_OCCUR(l)[0]:Auto port-defend started. (SourceAttackInterface=XGigabitEthernet0/0/4, AttackProtocol=IGMP)
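
Before disabling or tuning port-defend, it helps to see which interface and protocol keep triggering it. The following is an added example (not part of the original post) that groups such messages from a saved logbuffer; the regex is modelled on the single line shown above, the function names are hypothetical, and all sample lines except the first are constructed.

```python
import re
from collections import defaultdict
from datetime import datetime

# Pattern modelled on the one PORT_ATTACK_OCCUR line shown on this page.
PORT_ATTACK = re.compile(
    r"^(?P<ts>\w{3}\s+\d{1,2} \d{4} \d{2}:\d{2}:\d{2}[+-]\d{2}:\d{2}) "
    r"(?P<host>\S+) %%\d+SECE/\d/PORT_ATTACK_OCCUR\(l\)\[\d+\]:"
    r"Auto port-defend started\. "
    r"\(SourceAttackInterface=(?P<iface>[^,]+), AttackProtocol=(?P<proto>[^)]+)\)"
)

# First line is the one from this page; the other three are constructed samples.
SAMPLE_LOG = """\
Jun 20 2023 15:08:42+01:00 netcamp %%01SECE/4/PORT_ATTACK_OCCUR(l)[0]:Auto port-defend started. (SourceAttackInterface=XGigabitEthernet0/0/4, AttackProtocol=IGMP)
Jun 20 2023 15:13:42+01:00 netcamp %%01SECE/4/PORT_ATTACK_OCCUR(l)[1]:Auto port-defend started. (SourceAttackInterface=XGigabitEthernet0/0/4, AttackProtocol=IGMP)
Jun 20 2023 15:20:05+01:00 netcamp %%01SECE/4/PORT_ATTACK_OCCUR(l)[2]:Auto port-defend started. (SourceAttackInterface=XGigabitEthernet0/0/7, AttackProtocol=DHCP)
Jun 20 2023 15:21:00+01:00 netcamp unrelated message that must be ignored
""".splitlines()


def parse_events(lines):
    """Yield (timestamp, host, interface, protocol) for each matching line."""
    for line in lines:
        m = PORT_ATTACK.match(line.strip())
        if m:
            ts = datetime.strptime(m["ts"], "%b %d %Y %H:%M:%S%z")
            yield ts, m["host"], m["iface"], m["proto"]


def summarize(lines):
    """Group triggers by (host, interface, protocol): count, first and last seen."""
    stats = defaultdict(lambda: {"count": 0, "first": None, "last": None})
    for ts, host, iface, proto in parse_events(lines):
        s = stats[(host, iface, proto)]
        s["count"] += 1
        s["first"] = ts if s["first"] is None else min(s["first"], ts)
        s["last"] = ts if s["last"] is None else max(s["last"], ts)
    return dict(stats)


if __name__ == "__main__":
    for (host, iface, proto), s in sorted(summarize(SAMPLE_LOG).items()):
        print(f"{host} {iface} {proto}: {s['count']} trigger(s), "
              f"{s['first'].isoformat()} .. {s['last'].isoformat()}")
```

A port that triggers repeatedly for the same protocol is a candidate for investigation or parameter tuning rather than a global disable.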

To disable port-defend completely for IGMP (or any other protocol), apply the following configuration:

1. Create new cpu-defend policy

<Huawei> system-view
[Huawei] cpu-defend policy disable-igmp-defend
[Huawei-cpu-defend-policy-disable-igmp-defend] undo auto-port-defend protocol igmp

2. Activate policy globally

<Huawei> system-view
[Huawei] cpu-defend-policy disable-igmp-defend global

3. Check the configured policy

<Huawei> display auto-port-defend configuration

➡️ Instead of disabling auto port-defend for a specific protocol, you can also just adjust its parameters. This can be done within the policy (in step 1 above).

 
