Table 39 Firewall: Threshold - ZyXEL Communications P-660H-D Series User Manual
Adsl 2+ gateway
Hide thumbs
Also See for P-660H-D Series:
- Quick start manual (10 pages) ,
- Quick start manual (6 pages)
Table of Contents
Advertisement
Table 39 Firewall: Threshold
LABEL
Denial of Service
Thresholds
One Minute Low
One Minute High
Maximum
Incomplete Low
Maximum
Incomplete High
TCP Maximum
Incomplete
Action taken when the TCP Maximum Incomplete threshold is reached.
Delete the oldest
half open session
when new
connection
request comes
Chapter 11 Firewall Configuration
DESCRIPTION
This is the rate of new half-open sessions that
causes the firewall to stop deleting half-open
sessions. The Prestige continues to delete
half-open sessions as necessary, until the
rate of new connection attempts drops below
this number.
This is the rate of new half-open sessions that
causes the firewall to start deleting half-open
sessions. When the rate of new connection
attempts rises above this number, the
Prestige deletes half-open sessions as
required to accommodate new connection
attempts.
This is the number of existing half-open
sessions that causes the firewall to stop
deleting half-open sessions. The Prestige
continues to delete half-open requests as
necessary, until the number of existing half-
open sessions drops below this number.
This is the number of existing half-open
sessions that causes the firewall to start
deleting half-open sessions. When the
number of existing half-open sessions rises
above this number, the Prestige deletes half-
open sessions as required to accommodate
new connection requests. Do not set
Maximum Incomplete High to lower than the
current Maximum Incomplete Low number.
This is the number of existing half-open TCP
sessions with the same destination host IP
address that causes the firewall to start
dropping half-open sessions to that same
destination host IP address. Enter a number
between 1 and 256. As a general rule, you
should choose a smaller number for a smaller
network, a slower system or limited
bandwidth.
Select this radio button to clear the oldest half
open session when a new connection request
comes.
P-660R/H-D Series User's Guide
DEFAULT VALUES
80 existing half-open sessions.
100 half-open sessions per minute.
The above numbers cause the
Prestige to start deleting half-open
sessions when more than 100
session establishment attempts
have been detected in the last
minute, and to stop deleting half-
open sessions when fewer than 80
session establishment attempts
have been detected in the last
minute.
80 existing half-open sessions.
100 existing half-open sessions.
The above values causes the
Prestige to start deleting half-open
sessions when the number of
existing half-open sessions rises
above 100, and to stop deleting
half-open sessions with the
number of existing half-open
sessions drops below 80.
30 existing half-open TCP
sessions.
132
Advertisement
Chapters
Table of Contents
Troubleshooting
