protocol drop-probability
■ Use to map a protocol to a specific drop probability, which is the percentage
probability of an exceeded packet being dropped.
■ Example
host1(config-dos-protection)#protocol IpLocalDhcpIc drop-probability 100
■ Use the no version to set the drop probability to the value specified in the
associated default group.
■ See protocol drop-probability.
protocol priority
■ Use to set the priority for the protocol.
■ Example
host1(config-dos-protection)#protocol IpLocalDhcpIc priority hiGreen
■ Use the no version to set the priority to the value specified in the associated
default group.
■ See protocol priority.
protocol rate
■ Use to map a protocol to a maximum rate limit.
■ The rate limit applies to all packets of the protocol for interfaces belonging to
the DoS protection group.
■ A particular protocol can be up to the sum of the four rates configured, depending
on the DoS group attached to an interface.
■ Use a maximum rate of 0 for protocols that are not used.
■ The actual rate never exceeds the maximum rate, but can be less than the
configured maximum rate due to the weighting of the protocols within a DoS
protection group and the use of multiple DoS protection groups.
■ Example
host1(config-dos-protection)#protocol IpLocalDhcpIc rate 100
■ Use the no version to set the value to the value specified in the associated default
group.
■ See protocol rate.
protocol skip-priority-rate-limiter
■ Use to set the skip priority rate limiter for the protocol.
■ The specified protocol is not subject to the priority rate limiter for the priority
and DoS protection group selected.
■ The default sets the protocol such that it is subject to priority rate limiting.
470 ■ Denial of Service (DoS) Protection
JUNOSe 11.1.x System Basics Configuration Guide
To Next Page
Loading...