Planet XGS3-24042 User Manual Page 215
- Page / 721
- Table of contents
- TROUBLESHOOTING
- BOOKMARKS
Rated. / 5. Based on customer reviews
24-52
Chapter 24 Prevent ARP, ND Spoofing
Configuration
24.1 Overview
24.1.1 ARP (Address Resolution Protocol)
Generally speaking, ARP (RFC-826) protocol is mainly responsible of mapping IP address to relevant 48-bit
physical address, that is MAC address, for instance, IP address is 192.168.0.1, network card Mac address is
00-30-4F-FD-1D-2B. What the whole mapping process is that a host computer send broadcast data packet
involving IP address information of destination host computer, ARP request, and then the destination host
computer send a data packet involving its IP address and Mac address to the host, so two host computers can
exchange data by MAC address.
24.1.2 ARP Spoofing
In terms of ARP Protocol design, to reduce redundant ARP data communication on networks, even though a
host computer receives an ARP reply which is not requested by itself, it will also insert an entry to its ARP
cache table, so it creates a possibility of “ARP spoofing”. If the hacker wants to snoop the communication
between two host computers in the same network (even if are connected by the switches), it sends an ARP
reply packet to two hosts separately, and make them misunderstand MAC address of the other side as the
hacker host MAC address. In this way, the direct communication is actually communicated indirectly among
the hacker host computer. The hackers not only obtain communication information they need, but also only
need to modify some information in data packet and forward successfully. In this sniff way, the hacker host
computer doesn’t need to configure intermix mode of network card, that is because the data packet between
two communication sides are sent to hacker host computer on physical layer, which works as a relay.
24.1.3 How to prevent void ARP/ND Spoofing
There are many sniff, monitor and attack behaviors based on ARP protocol in networks, and most of attack
behaviors are based on ARP spoofing, so it is very important to prevent ARP spoofing. ARP spoofing
accesses normal network environment by counterfeiting legal IP address firstly, and sends a great deal of
counterfeited ARP application packets to switches, after switches learn these packets, they will cover
previously corrected IP, mapping of MAC address, and then some corrected IP, MAC address mapping are
modified to correspondence relationship configured by attack packets so that the switch makes mistake on
transfer packets, and takes an effect on the whole network. Or the switches are made used of by vicious
attackers, and they intercept and capture packets transferred by switches or attack other switches, host
computers or network equipment.
- User's Manual 1
- 24-Port Gigabit 1
- Content 3
- Chapter 1 INTRODUTION 22
- 1.3 Product Features 24
- 1.4 Product Specification 26
- Port configuration 27
- Chapter 2 INSTALLATION 30
- 2.1.2 LED Indications 31
- 2.1.3 Switch Rear Panel 34
- 2.2 Install the Switch 35
- 2.2.1 Desktop Installation 35
- 2.2.2 Rack Mounting 36
- Chapter 3 Switch Management 40
- 3.1.2 In-band Management 43
- 3.1.2.2 Management via HTTP 46
- 3.2 CLI Interface 49
- 3.2.1 Configuration Modes 49
- 3.2.1.1 User Mode 50
- 3.2.1.2 Admin Mode 50
- 3.2.1.3 Global Mode 51
- 3.2.2 Configuration Syntax 52
- 3.2.3 Shortcut Key Support 52
- 3.2.4 Help Function 53
- 3.2.5 Input Verification 53
- 3.2.6 Fuzzy Match Support 54
- 4.1 Basic Configuration 55
- 4.2 Telnet Management 56
- 4.2.1 Telnet 56
- 4.2.2 SSH 57
- 4.4 SNMP Configuration 60
- 4.4.1 Introduction to SNMP 60
- 4.4.2 Introduction to MIB 61
- 4.4.3 Introduction to RMON 62
- 4.4.4 SNMP Configuration 62
- 4.4.6 SNMP Troubleshooting 66
- 4.5 Switch Upgrade 67
- 4.5.1 Switch System Files 67
- 4.5.2 BootROM Upgrade 67
- 4.5.3 FTP/TFTP Upgrade 70
- 5.3 Typical Applications 81
- 5.4 Troubleshooting 81
- Chapter 7 Port Configuration 87
- 7.4 Port Troubleshooting 90
- 10.4 ULDP Troubleshooting 102
- Configuration 104
- 12.4 Port Channel Examples 113
- 13.1 Introduction to Jumbo 116
- 14.1 Introduction to EFM OAM 117
- 14.2 EFM OAM Configuration 119
- 14.3 EFM OAM Example 121
- 14.4 EFM OAM Troubleshooting 122
- 15.1 VLAN Configuration 124
- 15.1.1 Introduction to VLAN 124
- 15.2 GVRP Configuration 131
- 15.2.1 Introduction to GVRP 131
- 15.2.3 Example of GVRP 132
- 15.2.4 GVRP Troubleshooting 134
- 16.1.1 Obtaining MAC Table 146
- 16.1.2 Forward or Filter 147
- 16.5.1 MAC Address Binding 150
- 17.1 Introduction to MSTP 153
- 17.1.1 MSTP Region 153
- 17.1.2 Port Roles 155
- 17.1.3 MSTP Load Balance 155
- 17.3 MSTP Example 159
- 17.4 MSTP Troubleshooting 163
- Chapter 18 QoS Configuration 164
- 18.1.2 QoS Implementation 165
- 18.1.3 Basic QoS Model 165
- IP packet 167
- Enter the policing flow 167
- Enter scheduling 168
- Drop the 168
- 18.3 QoS Example 173
- 18.4 QoS Troubleshooting 176
- 20.1.1 Egress QOS Terms 179
- Classification scheduling 180
- RemarkPolicing 180
- Policing and 180
- Set Egress cos mapping, no 183
- 20.3 Egress QoS Examples 184
- 20.4 Egress QoS Examples 186
- 21.1.1 QinQ Technique 187
- 21.1.2 Basic QinQ 187
- 21.1.3 Flexible QinQ 187
- 21.3 Flexible QinQ Example 189
- 22.1 Layer 3 Interface 192
- 22.2 IP Configuration 194
- 22.2.2 IP Configuration 196
- -3 IPv6 tunnel 204
- 22.3 IP Forwarding 206
- 22.4 URPF 206
- 22.4.1 Introduction to URPF 206
- 22.4.3 URPF Typical Example 207
- 22.4.4 URPF Troubleshooting 208
- 22.5 ARP 208
- 22.5.1 Introduction to ARP 208
- 22.5.3 ARP Troubleshooting 210
- Function Configuration 211
- 192.168.1.1 221
- 192.168.1.100 221
- 192.168.1.200 221
- 29.1 Introduction to DHCP 229
- 29.5 DHCP Troubleshooting 235
- 30.1 Introduction to DHCPv6 237
- 30.7 DHCPv6 Troubleshooting 246
- 34.1 Routing Table 272
- 34.2 IP Routing Policy 273
- 34.2.4 Troubleshooting 279
- Chapter 35 Static Route 280
- Chapter 36 RIP 283
- -list <access-list-number 287
- 36.3 RIP Examples 291
- 36.3.1 Typical RIP Examples 291
- 36.4 RIP Troubleshooting 293
- Chapter 37 RIPng 295
- 37.4 RIPng Troubleshooting 303
- Chapter 38 OSPF 305
- 38.3 OSPF Examples 312
- 38.4 OSPF Troubleshooting 323
- Chapter 39 OSPFv3 324
- 39.3 OSPFv3 Examples 331
- 39.4 OSPFv3 Troubleshooting 333
- Chapter 40 BGP 335
- 40.4 BGP Troubleshooting 362
- Chapter 41 MBGP4+ 363
- 41.3 MBGP4+ Examples 364
- 41.4 MBGP4+ Troubleshooting 366
- 43.3 Example of GRE Tunnel 373
- 44.1 Introduction to ECMP 383
- 44.3 ECMP Typical Example 384
- 44.3.2 OSPF Implements ECMP 385
- 44.4 ECMP Troubleshooting 386
- Chapter 45 BFD 387
- 45.3 Examples of BFD 389
- 45.4 BFD Troubleshooting 392
- Chapter 46 BGP GR 393
- 46.3 Typical Example of GR 396
- Chapter 47 OSPF GR 398
- 47.2 OSPF GR Configuration 399
- 47.3 OSPF GR Example 400
- 47.4 OSPF GR Troubleshooting 400
- 48.1.2 Multicast Address 402
- 48.2 PIM-DM 404
- 48.3 PIM-SM 409
- 48.4 MSDP Configuration 416
- 48.4.1 Introduction to MSDP 416
- 48.4.3.2 Enabling MSDP 418
- 48.4.8 MSDP Troubleshooting 425
- 48.6 PIM-SSM 430
- 48.7 DVMRP 433
- 48.7.1 Introduction to DVMRP 433
- 48.7.4 DVMRP Troubleshooting 437
- 48.8 DCSCM 437
- 48.8.1 Introduction to DCSCM 437
- 48.8.4 DCSCM Troubleshooting 442
- 48.9 IGMP 442
- 48.9.1 Introduction to IGMP 442
- 48.9.4 IGMP Troubleshooting 446
- 48.10 IGMP Snooping 447
- 48.11.3 IGMP Proxy Examples 454
- 49.1 PIM-DM6 457
- 49.2 PIM-SM6 461
- 49.4 PIM-SSM6 473
- 49.5 IPv6 DCSCM 476
- 49.6 MLD 480
- 49.6.1 Introduction to MLD 480
- 49.7 MLD Snooping 483
- 49.7.3 MLD Snooping Examples 485
- Chapter 50 Multicast VLAN 489
- 50.3 Multicast VLAN Examples 490
- Chapter 51 ACL Configuration 492
- 51.3 ACL Example 509
- 51.4 ACL Troubleshooting 513
- 52.1 Introduction to 802.1x 515
- 52.1.5.1 EAP Relay Mode 520
- 52-17 IPv6 Radius 532
- 52.4 802.1x Troubleshooting 533
- MAC in VLAN and IP 534
- IP Typical Examples 537
- IP Troubleshooting Help 538
- Function 539
- 54.3 AM Function Example 541
- 55.1 Introduction to TACACS+ 542
- 55-1 TACACS Configuration 543
- 55.4 TACACS+ Troubleshooting 544
- 56.1 Introduction to RADIUS 545
- 56.3 RADIUS Typical Examples 548
- 56.3.1 IPv4 Radius Example 548
- 56.3.2 IPv6 RadiusExample 549
- 56.4 RADIUS Troubleshooting 550
- Chapter 57 SSL Configuration 551
- 57.3 SSL Typical Example 553
- 57.4 SSL Troubleshooting 554
- Chapter 60 MAB Configuration 561
- 60.3 MAB Example 563
- 60.4 MAB Troubleshooting 565
- 61.1.2.2 PPPoE Packet Format 567
- 62.1 Introduction to SAVI 573
- 62.2 SAVI Configuration 573
- 62.4 SAVI Troubleshooting 578
- 64.1 Introduction to VRRP 583
- 64.3 VRRP Typical Examples 585
- 64.4 VRRP Troubleshooting 586
- 65.1 Introduction to VRRPv3 587
- 65-1 VRRPv3 message 588
- 65.2 VRRPv3 Configuration 590
- 65.3 VRRPv3 Typical Examples 591
- 65.4 VRRPv3 Troubleshooting 592
- 66.1 Introduction to MRPP 593
- 66.3 MRPP Typical Scenario 597
- 66.4 MRPP Troubleshooting 599
- 67.1 Introduction to ULPP 600
- 67.3 ULPP Typical Examples 603
- 67.3.1 ULPP Typical Example1 603
- 67.3.2 ULPP Typical Example2 605
- 67.4 ULPP Troubleshooting 607
- 68.1 Introduction to ULSM 608
- 68.3 ULSM Typical Example 610
- 68.4 ULSM Troubleshooting 611
- 69.1 Introduction to Mirror 612
- 69.3 Mirror Examples 613
- 70.1 Introduction to RSPAN 615
- 70.4 RSPAN Troubleshooting 621
- 71.1 Introduction to sFlow 622
- 71.3 sFlow Examples 624
- 71.4 sFlow Troubleshooting 625
- 72.1 Introduction to SNTP 626
- 74.1 Introduction to DNS 632
- 74.3 Typical Examples of DNS 635
- 74.4 DNS Troubleshooting 636
- 75.3 Examples of Summer Time 637
- Chapter 76 Monitor and Debug 639
- 76.5 Show 640
- 76.6 Debug 641
- 76.7 System log 641
- Received and Sent by CPU 646
- Chapter 79 MPLS Overview 647
- 79.1.5 MPLS PHP 653
- Chapter 80 LDP 654
- 80.1.1 Basic Concept of LDP 655
- 80.1.3 LDP Label Management 657
- 80.1.4 LDP Session 660
- 80.1.5 LDP Loop Detection 661
- 80.2 LDP Configuration 662
- 80.3 LDP Typical Instances 668
- 80.4 LDP Troubleshooting 670
- Chapter 81 MPLS VPN 672
- (1) Configure VPN instances 688
- (7) Configure BGP 694
- (2) Configure OSPF 695
- Internet 704
- Chapter 83 SWITCH OPERATION 711
- 83.5 Auto-Negotiation 712
- Chapter 85 APPENDEX A 714
- 1 2 3 4 5 6 7 8 715
- Chapter 86 GLOSSARY 716
- EC Declaration of Conformity 720
Related products and manuals for Routers Planet XGS3-24042
Routers Planet XGS3-42000R User Manual
(2 pages)
(2 pages)
Routers Planet XGS3-42000R User Manual
(16 pages)
(16 pages)
Routers Planet XGSW-28040 User Manual
(12 pages)
(12 pages)
Routers Planet EPN-103 User Manual
(20 pages)
(20 pages)
Routers Planet EPL-1000 User Manual
(20 pages)
(20 pages)
Routers Planet EPL-2000 User Manual
(20 pages)
(20 pages)
Routers Planet EPL-2000 User Manual
(81 pages)
(81 pages)
Routers Planet EPN-102 User Manual
(2 pages)
(2 pages)
Routers Planet EPN-102 User Manual
(17 pages)
(17 pages)
Routers Planet BSP-300 User Manual
(11 pages)
(11 pages)
Routers Planet BSP-300 User Manual
(35 pages)
(35 pages)
Routers Planet HPOE-1200G User Manual
(2 pages)
(2 pages)
Routers Planet HPOE-460 User Manual
(2 pages)
(2 pages)
Routers Planet ICA-107P User Manual
(32 pages)
(32 pages)
Routers Planet ICA-107P User Manual
(16 pages)
(16 pages)
Routers Planet ICA-1200 User Manual
(2 pages)
(2 pages)
Routers Planet HPOE-1200G User Manual
(58 pages)
(58 pages)
Routers Planet ICA-2200 User Manual
(95 pages)
(95 pages)
Routers Planet ICA-230 User Manual
(20 pages)
(20 pages)
Routers Planet ICA-310 User Manual
(32 pages)
(32 pages)
© 2020, manymanuals.com. All rights reserved. | 0.583 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Comments to this Manuals