Hi Nick,
does
show ipv6 | include host drop cam
(config)#ipv6 max-host-drop-cam 256
resolve this issue?
Doc says:
To limit the usage of CAM by IPV6 hosts with unresolved ND, enter the
ipv6 max-host-drop-cam
command.
Jörg
On 16 Feb 2019, at 20:42, n...@ramnode.com wrote:
Hello,
We sometimes encounter neighbor cache exhaustion attacks on our
network. A
remote IP beings scanning large portions of our customer IPv6 ranges,
the
IPv6 neighbor table on our router (MLX/XMR) fills up with INCOMP
status
entries, and connectivity remains impacted until the neighbor table is
manually cleared.
What settings should we use to prevent the table from filling up with
and
maintaining so many INCOMP entries?
Regards,
Nick
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp
_______________________________________________
foundry-nsp mailing list
foundry-nsp@puck.nether.net
http://puck.nether.net/mailman/listinfo/foundry-nsp
