Huawei port-defend configuration

Details

Sometimes you see in the logging information about "Auto port-defend started" for specific protocols. Per default Huawei has configured port-defend for different protocols which can be adjusted or disabled.

As an example the following messages will be displayed in the logbuffer when automatic port-defend is started (in this case for IGMP):

Jun 20 2023 15:08:42+01:00 netcamp %%01SECE/4/PORT_ATTACK_OCCUR(l)[0]:Auto port-defend started. (SourceAttackInterface=XGigabitEthernet0/0/4, AttackProtocol=IGMP)

To disable the port-defend completely for IGMP (or any other protocols) you can do the following configurations:

1.

Create new cpu-defend policy

<Huawei> system-view
[Huawei] cpu-defend policy disable-igmp-defend
[Huawei-cpu-defend-policy-disable-igmp-defend] undo auto-port-defend protocol igmp
2.

Activate policy globally

<Huawei> system-view
[Huawei] cpu-defend-policy disable-igmp-defend global
3. Check the configured policy

<Huawei> display auto-port-defend configuration

➡️ Instead of disabling the auto-defend for a specific protocol you can also just adjust the parameters. This can be done within the policy (in step 1 above).

 

Loading comment... The comment will be refreshed after 00:00.
Write comments...
You are a guest ( Sign Up ? )
or post as a guest

eBooks

eBook Huawei HCIA Datacom Command Guide

Search

Newsletter

Main Menu Offcanvas (de)

hacklinkserp takipteknik seo rehberiicerik optimizasyonuyerel seogoogle algoritma guncellemeleribacklink stratejileribacklink nedirdofollow nofollow backlinkguest post backlinkanchor text optimizasyonubroken link buildingcore web vitals seoschema markupsite hizi optimizasyonumobile first indexingxml sitemap robots txtseo uyumlu icerikanahtar kelime arastirmasieeat google kalitegoogle analytics seorakip analizi seoseo raporlama metriklerigoogle my business seoyerel arama siralama