摘要 |
<p>A method for defending against MAC table overflow attacks comprises a plurality of operations. An operation is performed for determining whether each one of a plurality of MAC addresses within a MAC table has one-way traffic or two-way traffic corresponding thereto. Thereafter, operations are performed for designating each MAC address having two-way traffic corresponding thereto as a first category of MAC address and for designating each MAC address having one-way traffic corresponding thereto as a second category of MAC address. In response to the number of the MAC addresses designated as the second category of MAC address exceeding a prescribed threshold value, an operation is performed for causing a timeout value of at least a portion of the MAC addresses designated as the second category of MAC address to be less than a timeout value of the MAC addresses designated as the first category of MAC address.</p> |