配置自动关闭端口功能: 在全局模式下: arp protective-down recover enable(开启交换机端口自动恢复功能) arp protective-down recover interval 15(设置自动恢复时间为15秒)测试结果: %Apr 2 00:27:30:089 2000 LINPINGJIEDAO_3952_ L2INF/5/PORT LINK STATUS CHANGE:- 1 - Ethernet1/0/8 is UP %Apr 2 00:27:52:170 2000 LINPINGJIEDAO_3952_ DHCP-SNP/5/arp_overspeed:- 1 - PacketLimit: ARP packet rate(52pps) exceeded on interface Ethernet1/0/8. The port will be down! (ARP包超过设定速率,此端口将关闭) %Apr 2 00:27:52:348 2000 LINPINGJIEDAO_3952_ L2INF/5/PORT LINK STATUS CHANGE:- 1 - Ethernet1/0/8 is DOWN %Apr 2 00:42:51:858 2000 LINPINGJIEDAO_3952_ L2INF/5/PORT LINK STATUS CHANGE:- 1 - Ethernet1/0/8 is UP(15秒后,端口自动打开) 查看交换机端口状态: <3952>dis brief interface (注意第8口的状态为PTC) Interface: Eth - Ethernet GE - GigabitEthernet TENGE - tenGigabitEthernet Loop - LoopBack Vlan - Vlan-interface Cas - Cascade Speed/Duplex: A - auto-negotiation Interface Link Speed Duplex Type PVID Description -------------------------------------------------------------------------------- Aux1/0/0 UP -- -- -- -- Eth1/0/1 UP A100M Afull trunk 1 uplink-TANGXIZHEN_3952 Eth1/0/2 ADM DOWN A A trunk 1 Eth1/0/3 ADM DOWN A A trunk 1 Eth1/0/4 ADM DOWN A A trunk 1 Eth1/0/5 DOWN A A access 902 Eth1/0/6 UP A100M Afull access 902 GuangJiSheQu Eth1/0/7 DOWN A A access 902 Eth1/0/8PTCDOWN A A access 902 (注意第8口的状态为PTC) 注意事项: 1、这个功能需要3900系列1602以上版本才能支持,其他型号的交换机暂时没有研究; 2、arp包的速率限制要根据具体环境而设置,需要测试后才能铺开实施; 3、如果要手动打开被关闭的端口,可以使用undo shutdown打开;