Loading ...
Loading ...
Loading ...
4 Configuration DES-1210/ME Series Metro Ethernet Managed Switch User Manual
80
ARP to the network claiming to be the gateway, so that the whole network operation is turned down as all
packets to the Internet will be directed to the wrong node.
The ARP Spoofing Prevention function can discard the ARP Spoofing Attack in the network by checking the
gratuitous ARP packets and filtering those with illegal IP or MAC addresses.
Figure 4.127 – Security > ARP Spoofing Prevention Setting
Enter the IP Address, MAC Address, Ports and then click Add to create a checking/filtering rule. Click
Delete to remove an existing rule and Delete All to clear all the entries.
Security > Gratuitous ARP
The Gratuitous ARP page shows the settings on the Switch. An ARP announcement (also known as
Gratuitous ARP) is a packet (usually an ARP Request) containing a valid SHA (Sender Hardware Address)
and SPA (Sender Protocol Address) for the host which sent it, with TPA (Target Protocol Address) equal to
SPA. Such a request is not intended to solicit a reply, but merely update the ARP caches of other hosts
which receive the packet and determine if there are any IP conflicts.
Figure 4.128 – Security > Gratuitous ARP
Send when IP Interface is up: This is used to enable/disable the sending of gratuitous ARP request
packets while an IP interface comes up. This is used to automatically announce the interface’s IP address to
other nodes. By default, the state is Disabled, and only one ARP packet will be broadcast.
Send when duplicated IP is detected: This is used to enable/disable the sending of gratuitous ARP
request packets while a duplicate IP is detected. By default, the state is Disabled. Duplicate IP detected
means that the system received an ARP request packet that is sent by an IP address that matches the
system’s own IP address.
Loading ...
Loading ...
Loading ...