rate of packets to cpu exceeded 故障处理（rate手表）

rate of packets to cpu exceeded 故障处理（rate手表）

rate of packets to cpu exceeded the cpcar limit on the mpu (Protocol=cpu-defend policy test //创建防攻击策略，策略名为test

[HUAWEI-cpu-defend-policy-test] auto-defend enable //使能攻击溯源功能

[HUAWEI-cpu-defend-policy-test] auto-defend protocol all //配置攻击溯源防范的报文类型

[HUAWEI-cpu-defend-policy-test] auto-defend threshold 64 //配置攻击溯源检查阈值

[HUAWEI-cpu-defend-policy-test] auto-defend attack-packet sample 10 //配置攻击溯源采样比

[HUAWEI-cpu-defend-policy-test] auto-defend alarm enable //使能攻击溯源告警功能

[HUAWEI-cpu-defend-policy-test] auto-defend alarm threshold 64 //配置攻击溯源告警阈值

[HUAWEI-cpu-defend-policy-test] auto-defend action deny //配置攻击溯源的惩罚措施

[HUAWEI-cpu-defend-policy-test] quit //返回系统视图

[HUAWEI] cpu-defend-policy test global //应用防攻击策略

执行之后，然后过一段时间，display auto-defend attack-source命令用来查看 一下

dis log

Logging buffer configuration and contents : enabled

... ...

Dec 17 2020 13:11:32+08:00 S6720-30C-EI-24S-AC %%01SECE/4/STRACK_DENY(l)[0]:Some packets are dropped because an attack is detected.(Interface=XGigabitEthernet0/0/3, sourceMAC=0000-0000-0000, sourceIP=10.77.81.252, CVLAN=0, PVLAN=0)

Dec 17 2020 13:11:32+08:00 S6720-30C-EI-24S-AC %%01SECE/4/SPECIFY_SIP_ATTACK(l)[1]:The specified source IP address attack occurred.(Slot=MPU, SourceAttackIP=10.77.81.252, AttackProtocol=ARP, AttackPackets=70 packets per second)

Dec 17 2020 13:11:32+08:00 S6720-30C-EI-24S-AC %%01SECE/4/STRACK_DENY(l)[2]:Some packets are dropped because an attack is detected.(Interface=XGigabitEthernet0/0/3, sourceMAC=0000-0000-0000, sourceIP=0.0.0.0, CVLAN=0, PVLAN=1080)

Dec 17 2020 13:11:32+08:00 S6720-30C-EI-24S-AC %%01SECE/4/PORT_ATTACK(l)[3]:Port attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet0/0/3, OuterVlan/InnerVlan=1080/0, AttackProtocol=ARP, AttackPackets=70 packets per second)

Dec 17 2020 13:11:32+08:00 S6720-30C-EI-24S-AC %%01SECE/4/STRACK_DENY(l)[4]:Some packets are dropped because an attack is detected.(Interface=XGigabitEthernet0/0/3, sourceMAC=e040-070b-1329, sourceIP=0.0.0.0, CVLAN=0, PVLAN=0)

Dec 17 2020 13:11:32+08:00 S6720-30C-EI-24S-AC %%01SECE/4/USER_ATTACK(l)[5]:User attack occurred.(Slot=MPU, SourceAttackInterface=XGigabitEthernet0/0/3, OuterVlan/InnerVlan=1080/0, UserMacAddress=e040-070b-1329, AttackProtocol=ARP AttackPackets=70 packets per second)

Dec 17 2020 13:11:22+08:00 S6720-30C-EI-24S-AC %%01SECE/4/PORT_ATTACK_OCCUR(l)[6]:Auto port-defend started.(SourceAttackInterface=XGigabitEthernet0/0/3, AttackProtocol=ARP-REQUEST)

Dec 17 2020 13:01:48+08:00 S6720-30C-EI-24S-AC %%01DEFD/4/CPCAR_DROP_MPU(l)[7]:Rate of packets to cpu exceeded the CPCAR limit on the MPU. (Protocol=CIR/CBS=64/12032, ExceededPacketCount=66)

Dec 17 2020 12:53:17+08:00 S6720-30C-EI-24S-AC %%01SECE/4/PORT_ATTACK_OCCUR(l)[8]:Auto port-defend started.(SourceAttackInterface=XGigabitEthernet0/0/3, AttackProtocol=ARP-REQUEST)

Dec 17 2020 12:32:31+08:00 S6720-30C-EI-24S-AC %%01SECE/4/PORT_ATTACK_OCCUR(l)[9]:Auto port-defend started.(SourceAttackInterface=XGigabitEthernet0/0/3, AttackProtocol=ARP-REQUEST)

Dec 17 2020 12:29:49+08:00 S6720-30C-EI-24S-AC %%01SECE/4/PORT_ATTACK_OCCUR(l)[10]:Auto port-defend started.(SourceAttackInterface=XGigabitEthernet0/0/2, AttackProtocol=ARP-REQUEST)

Dec 17 2020 12:05:48+08:00 S6720-30C-EI-24S-AC %%01SECE/4/PORT_ATTACK_OCCUR(l)[11]:Auto port-defend started.(SourceAttackInterface=XGigabitEthernet0/0/2, AttackProtocol=ARP-REQUEST)

版权声明：本文内容由网络用户投稿，版权归原作者所有，本站不拥有其著作权，亦不承担相应法律责任。如果您发现本站中有涉嫌抄袭或描述失实的内容，请联系我们jiasou666@gmail.com 处理，核实后本网站将在24小时内删除侵权内容。