ARP/4/ARP_SUPP_TRAP:OID [OID] Exceed the speed limit value configured. (Ifnet index=[INTEGER], Configured value=[COUNTER], Sampling value=[COUNTER], Speed-limit type=[OCTET],Source Ip address=[IPADDR], Destination Ip address=[IPADDR]).
The trap was generated when the transmitting rate of ARP packets or ARP Miss Messages was greater than the rate limit.
The trap was cleared when the transmitting rate of ARP packets or ARP Miss Messages was lower than the rate limit.
You can run the arp speed-limit command to set the rate limit. The default rate limit is 5.
| Alarm ID | Alarm Severity | Alarm Type |
|---|---|---|
1.3.6.1.4.1.2011.5.25.123.2.1 |
Warning |
processingErrorAlarm(4) |
| Name | Meaning |
|---|---|
oid |
Indicates the trap ID. |
Ifnet index |
Indicates the interface index. |
Configured value |
Indicates the configured rate limit. |
Sampling value |
Indicates the sampling of the number of packets received within a period. |
Speed-limit type |
Indicates the type of packets configured with timestamp suppression, for example, ARP and ARP MISS. |
Source Ip address |
Indicates source IP addresses. |
Destination Ip address |
Indicates the destination IP address. |
View the type of packets configured with timestamp suppression in trap messages.
If ARP packets are configured with timestamp suppression, it indicates that some normal ARP packets are discarded. As a result, traffic cannot be forwarded normally.
If ARP Miss messages are configured with timestamp suppression, it indicates that some ARP Miss messages are discarded. As a result, ARP Request messages cannot be triggered and thus traffic cannot be forwarded normally.
If this trap is cleared shortly, services will not be affected and the system will resume the normal operation.
If this trap is not cleared for a long time, the service processing capability of the system will be affected.
Cause 1: The interval for enabling the log function and sending traps for potential attack behaviors was set to Ns. Within the period of N+1s, the number of sent ARP packets was greater than the threshold. Within the first Ns, the average number of sent ARP packets was greater than the threshold.
Cause 2: The interval for enabling the log function and sending traps for potential attack behaviors was set to Ns. Within the period of N+1s, the number of sent ARP Miss messages was greater than the threshold. Within the first Ns, the average number of sent ARP Miss messages was greater than the threshold.
1. View the type of packets configured with timestamp suppression in trap messages.
(1) If the type of packets is ARP, go to Step 2.
(2) If the type of packets is ARP Miss, go to Step 4.
2. Run the display arp anti-attack configuration command to view the rate limit of ARP packets on each board.
3. Run the arp speed-limit source-ip [ ip-address ]maximum maximum command to re-set the maximum value of timestamp suppression of ARP packets. This value must be greater than that displayed in Step 2; otherwise, the trap cannot be cleared, but this value must be less than 32768.Then, check whether the trap is cleared.
4. Run the display arp anti-attack configuration command to view the rate limit of ARP Miss messages on each board.
5. Run the arp-miss speed-limit [ ip-address ]source-ip maximum maximum command to re-set the maximum value of timestamp suppression of ARP Miss messages. This value must be greater than that displayed in Step 4; otherwise, the trap cannot be cleared, but this value must be less than 32768.Then, check whether the trap is cleared.
6. Contact technical support personnel.
7. End.