Dynamic ARP inspection rate limit issues with Windows Vista Systems
Good Day to everybody.
I had implemented DHCP Snooping & Dynamic ARP inspection feature to mitigate ARP spoofing attacks to one of customer location where we have mix of Windows vista & XP systems. By default DAI feature rate limit ARP packets on un-trusted ports to 15 Packets per second. With this value I was facing some issue to access file shares where port will go in error-disabled state due to ARP broadcast from system was crossing 15 PPS limit of DAI. For the same, I had increased the DAI limit to 64 & after that we had not facing this problem from windows XP systems, but windows vista systems are still giving problem. Also this probem is very random in nature & not all the windows Vista system will face same issue even though they are accessing same file share & are configured with same DAI rate limit.
That's why I am not able to figure out baseline values for DAI rate limits. I had already search microsoft documentation for limiting this ARP broadcast from Windows Vista system, but no luck.
Is there any way to find out correct settings for this DAI packet rate limiting in Windows Vista enviorement ?
Table of ContentsIntroductionVersion HistoryPossible Future
UpdatesDocuments PurposeNAT Operation in ASA 8.3+ SectionsRule Types
Network Object NATTwice NAT / Manual NATRule Types used per SectionNAT
Types used with Twice NAT / Manual NAT and Network Obje...
Table of Contents Introduction:This document describes details on how
NAT-T works. Background: ESP encrypts all critical information,
encapsulating the entire inner TCP/UDP datagram within an ESP header.
ESP is an IP protocol in the same sense that TCP an...