HPE FlexNetwork MSR Series User Manual (English)

To Next Page

To Previous Page

419

Step Command Remarks

4. Configure the global action

and silence thresholds for

SYN flood attack

protection.

defense syn-flood

rate-threshold high

rate-number

[

low

rate-number ]

Optional.

By default, the action threshold is

1000 packets per second and the

silence threshold is 750 packets per

second.

5. Configure the action and

silence thresholds for SYN

flood attack protection of a

specific IP address.

defense syn-flood ip

ip-address

rate-threshold high

rate-number

[

low

rate-number ]

Optional.

Not configured by default.

6. Configure the device to

drop SYN flood attack

packets.

defense syn-flood action

{

drop-packet

}

Optional.

By default, the device only outputs

alarm logs if detecting an attack.

To configure an ICMP flood attack protection policy:

Step Command Remarks

1. Enter system view.

system-view

N/A

2. Enter attack protection

policy view.

attack-defense policy

policy-number

N/A

3. Enable ICMP flood attack

protection.

defense icmp-flood enable

Disabled by default.

4. Configure the global action

and silence thresholds for

ICMP flood attack

protection.

defense icmp-flood

rate-threshold high

rate-number

[

low

rate-number ]

Optional.

By default, the action threshold is

1000 packets per second and the

silence threshold is 750 packets per

second.

5. Configure the action and

silence thresholds for ICMP

flood attack protection of a

specific IP address.

defense icmp-flood ip

ip-address

rate-threshold high

rate-number

[

low

rate-number ]

Optional.

Not specifically configured for an IP

address by default.

6. Configure the device to

drop ICMP flood attack

packets.

defense icmp-flood action

drop-packet

Optional.

By default, the device only outputs

alarm logs if detecting an attack.

To configure a UDP flood attack protection policy:

Step Command Remarks

1. Enter system view.

system-view

N/A

2. Enter attack protection

policy view.

attack-defense policy

policy-number

N/A

3. Enable UDP flood attack

protection.

defense udp-flood enable

Disabled by default.

4. Configure the global action

and silence thresholds for

UDP flood attack

protection.

defense udp-flood

rate-threshold high

rate-number

[

low

rate-number ]

Optional.

By default, the action threshold is

1000 packets per second and the

silence threshold is 750 packets per

second.

Other manuals for HPE FlexNetwork MSR Series

Configuration Guide861 pages

Comware 7 Layer 3 - Ip Services Configuration Guides554 pages

Guide213 pages

Command Reference120 pages

Comware 5 Layer 2 - Wan Access Configuration Guide420 pages

Need help?

Do you have a question about the HPE FlexNetwork MSR Series and is the answer not in the manual?

HPE FlexNetwork MSR Series Specifications

General

Category	Network Router
WAN Ports	Varies by model
LAN Ports	Varies by model
Switching Capacity	Varies by model
IPv6 Support	Yes
Product Series	MSR Series
Routing Protocols	BGP, OSPF, RIP, IS-IS, Static Routing
WAN Interfaces	Ethernet, Serial, T1/E1
LAN Interfaces	Ethernet, Fast Ethernet, Gigabit Ethernet
Power Supply	AC or DC (varies by model)
Management	CLI, Web GUI, SNMP
VPN Support	IPsec, GRE, L2TP, DMVPN
QoS Support	Yes
Ports	Varies by model
Firewall	Stateful packet inspection, DoS/DDoS protection, Application layer filtering