CHAPTER 3. Data Network Function
© SAMSUNG Electronics Co., Ltd.
page 124 of 689
3.4.7
Configuring IPWATCHD
The IP WATCH Deamon (IPWATCHD) provides the function of detecting active or passive
IP collision. Regardless of IP collision attacker or victim, the information including source
ip/mac is transmitted as an evm fault event when the IP collision occurs. At the collision
time, the Gratuitous Address Resolution Protocol (GARP) reply is transmitted 3 times to
the unicast at every 1 second.
It supports the rate-limit function to deal with an intended ARP attack. Although ARP is
entered from a host that is not in the same subnet, it generates GARP by recognizing it as a
target if the host has the same APC IP.
Configuration using CLI
To configure the IPWATCHD function, enter into the configure mode of CLI.
Configure a TIMEOUT value (that a user wants) to detect an IP address collision.
Operator can enter a value between 10 and 300 seconds.
WEC8500# configure terminal
WEC8500/configure#
WEC8500/configure# ipwatch ?
defend-interval
Ipwatch defend-interval configuration
WEC8500/configure# ipwatch defend-interval ?
10 - 300
Ipwatch defend-interval value(seconds)
WEC8500/configure# ipwatch defend-interval 30
Parameter
Description
VALUE
Enter a defend-interval (10-300 sec).
The default TIMEOUT value for IP address collision detection is 30 seconds.
When the time is configured, the IPWATCHD daemon is restarted and a log and GARP is
generated if there is an IP collision.
Configuration using Web UI
In the menu bar of
<WEC Main window>
, select
<Configuration>
and then select the
<Controller>
<Network>
<ARP>
menu in the sub-menus.
After entering a time value (10-300 seconds) that a user wants in the TIMEOUT FOR IP
ADDRESS CONFLICT DETECTION window, click the
<Apply>
button. Then, the
configuration is applied.
The default value before user configuration is 30 as shown in the below figure.
Figure 50. IPWATCHD Configuration Window