SECE_1.3.6.1.4.1.2011.5.25.165.2.2.1.1 hwStrackUserInfo

Description

SECE/4/STRACKUSER: OID=[oid] Attack occurred.(Interface=[STRING], SourceMAC=[STRING], CVLAN=[ULONG], PVLAN=[ULONG], EndTime=[STRING], TotalPackets=[ULONG])

The system detects an attack.

Attribute

Alarm ID Alarm Severity Alarm Type
1.3.6.1.4.1.2011.5.25.165.2.2.1.1 Warning securityServiceOrMechanismViolation(10)

Parameters

Name Meaning
OID Indicates the ID of the MIB object.
Interface Indicates the access interface of the attacker.
SourceMAC Indicates the Source MAC address of packets sent from the attacker.
BCVLAN Indicates the maximum rate of broadcast packets.
PVLAN Indicates the inner VLAN ID of packets sent from the attacker.
EndTime Indicates the end time of the attack.
TotalPackets Indicates the number of packets received from the attacker.

Impact on the System

The CPU is busy processing attack packets. As a result, normal service packets cannot be processed in time or even discarded.

Possible Causes

The rate of packets with the specified MAC address and VLAN ID sent to the CPU exceeds the alarm threshold.

Procedure

  1. If the user initiates the attack, you can set the action taken on attack packets to deny, or configure a traffic policy to discard attack packets.
  2. If the fault cause is unknown, collect device configurations, alarms, and logs, and then contact technical support personnel.
  3. End.

Related Information

None

Parent topic: SECE
Copyright © Huawei Technologies Co., Ltd.