protocol drop-probability
â– Use to map a protocol to a specific drop probability, which is the percentage
probability of an exceeded packet being dropped.
â– Example
host1(config-dos-protection)#protocol IpLocalDhcpIc drop-probability 100
â– Use the no version to set the drop probability to the value specified in the
associated default group.
â– See protocol drop-probability.
protocol priority
â– Use to set the priority for the protocol.
â– Example
host1(config-dos-protection)#protocol IpLocalDhcpIc priority hiGreen
â– Use the no version to set the priority to the value specified in the associated
default group.
â– See protocol priority.
protocol rate
â– Use to map a protocol to a maximum rate limit.
â– The rate limit applies to all packets of the protocol for interfaces belonging to
the DoS protection group.
â– A particular protocol can be up to the sum of the four rates configured, depending
on the DoS group attached to an interface.
â– Use a maximum rate of 0 for protocols that are not used.
â– The actual rate never exceeds the maximum rate, but can be less than the
configured maximum rate due to the weighting of the protocols within a DoS
protection group and the use of multiple DoS protection groups.
â– Example
host1(config-dos-protection)#protocol IpLocalDhcpIc rate 100
â– Use the no version to set the value to the value specified in the associated default
group.
â– See protocol rate.
protocol skip-priority-rate-limiter
â– Use to set the skip priority rate limiter for the protocol.
â– The specified protocol is not subject to the priority rate limiter for the priority
and DoS protection group selected.
â– The default sets the protocol such that it is subject to priority rate limiting.
470 â– Denial of Service (DoS) Protection
JUNOSe 11.1.x System Basics Configuration Guide
To Next Page
Loading...
Need help?
General
