Configuring Security
Denial of Service Prevention
Cisco Small Business 300 Series Managed Switch Administration Guide 227
16
• Addresses defined to be illegal in the
Martian Addresses Page
.
• Some of the addresses are illegal from the viewpoint of the protocol, such as
loopback addresses, including the following ranges:
- 0.0.0.0/8 (Except 0.0.0.0/32 as a Source Address)—Addresses in this
block refer to source hosts on this network.
- 127.0.0.0/8—Used as the Internet host loopback address.
- 192.0.2.0/24—Used as the TEST-NET in documentation and example
codes.
- 224.0.0.0/4 (As a Source IP Address)—Used in IPv4 Multicast address
assignments, and is formerly known as Class D Address Space.
- 240.0.0.0/4 (Except 255.255.255.255/32 as a Destination
Address)—Reserved address range, and is formerly known as Class E
Address Space.
You can also add new Martian Addresses for DoS prevention. Packets that have a
Martian addresses are discarded.
To define Martian addresses:
STEP 1 Click Security > Denial of Service Prevention > Martian Addresses. The
Martian Addresses Page displays.
STEP 2 Select Reserved Martian Addresses and click Apply to include the reserved
Martian Addresses in the System Level Prevention list. The list of reserved Martian
Addresses is displayed in the Martian Address Table.
STEP 3 To add a Martian address click Add. The Add Martian Addresses Page displays.
STEP 4 Enter the parameters.
• IP Version—Indicates the supported IP version. Currently, support is only
offered for IPv4.
• IP Address—Enter the Martian IP addresses for which Denial of Service
Prevention is enabled. The values are:
- From reserved List—Select a well-known IP address from the reserved
list.
- New IP Address—Enter an IP address.
To Next Page
Loading...
