EasyManuals Logo
Home>HP>Network Router>FlexNetwork MSR2003

HP FlexNetwork MSR2003 User Manual

HP FlexNetwork MSR2003
517 pages
To Next Page IconTo Next Page
To Next Page IconTo Next Page
To Previous Page IconTo Previous Page
To Previous Page IconTo Previous Page
Page #204 background imageLoading...
Page #204 background image
190
SYN Cookie can protect the server from SYN Flood attacks. When the server receives a SYN packet,
it responds with a SYN ACK packet without establishing a TCP semi-connection. The server
establishes a TCP connection and enters ESTABLISHED state only when it receives an ACK packet
from the client.
To enable TCP SYN Cookie:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Enable SYN Cookie.
tcp syn-cookie enable
The default setting is disabled.
Configuring the TCP buffer size
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Configure the size of TCP
receive/send buffer.
tcp window
window-size
The default buffer size is 64 KB.
Configuring TCP timers
You can configure the following TCP timers:
• SYN wait timer—TCP starts the SYN wait timer after sending a SYN packet. Within the SYN
wait timer if no response is received or the upper limit on TCP connection tries is reached, TCP
fails to establish the connection.
• FIN wait timer—TCP starts the FIN wait timer when the state changes to FIN_WAIT_2. If no
FIN packet is received within the timer interval, TCP terminates the connection. If a FIN packet
is received, TCP changes the connection state to TIME_WAIT. If a non-FIN packet is received,
TCP restarts the timer, and tears down the connection when the timer expires.
To configure TCP timers:
Step Command Remarks
1. Enter system view.
system-view
N/A
2. Configure TCP
timers.
• Configure the TCP SYN wait timer:
tcp timer syn-timeout time-value
• Configure the TCP FIN wait timer:
tcp timer fin-timeout time-value
By default:
• The TCP SYN wait timer is 75
seconds.
• The TCP FIN wait timer is
675 seconds.
Enabling sending ICMP error messages
Perform this task to enable sending ICMP error messages, including redirect, time exceeded, and
destination unreachable messages.
• ICMP redirect messages
A host that has only one default route sends all packets to the default gateway. The default
gateway sends an ICMP redirect message to inform the host of a correct next hop by following
these rules:
{ The receiving and sending interfaces are the same.

Table of Contents

Questions and Answers:

Question and Answer IconNeed help?

Do you have a question about the HP FlexNetwork MSR2003 and is the answer not in the manual?

HP FlexNetwork MSR2003 Specifications

General IconGeneral
BrandHP
ModelFlexNetwork MSR2003
CategoryNetwork Router
LanguageEnglish

Related product manuals