UMN:CLI User Manual
V5808
248
7.18 TCP Flag Control
Transmission Control Protocol (TCP) header includes six kinds of flags that are URG,
ACK, PSH, RST, SYN, and FIN. For the V5808, you can configure RST and SYN as the
below.
7.18.1 RST Configuration
RST sends a message when TCP connection cannot be done to a person who tries to
make it. However, it is also possible to configure to block the message. This function will
help prevent that hackers can find impossible connections.
To configure not to send the message that informs TCP connection cannot be done, use
the following command.
ip tcp ignore rst-unknown
Configures to block the message that informs TCP
connection cannot be done.
no ip tcp ignore rst-unknown
Disables the unknown RST ignoring.
7.18.2 SYN Configuration
SYN sets up TCP connection. The V5808 transmits cookies with SYN to a person who
tries to make TCP connection. Only when transmitted cookies are returned, it is possible
to permit TCP connection. This function prevents connection overcrowding because of
accessed users who are not using and helps the other users use service.
To permit connection only when transmitted cookies are returned after sending cookies
with SYN, use the following command.
Permits only when transmitted cookies are returned
after sending cookies with SYN.
Disables configuration to permit only when transmitted
cookies are returned after sending cookies with SYN.
7.19 The Utilization on L3 table
To display the urtilization of packets in use on L3 table, LPM entries and L3 interfaces,
use the following command.
Shows the usage of L3 interface, host, LPM, ECMP
entries.
To Next Page
Loading...