Security Feature Example; Jumbo Configuration; Jumbo Introduction; Jumbo Configuration Task Sequence - SMC Networks ES4704BD Manual

Usage Guide:To use this function you have to enable "dosattack-check icmp-attacking
enable" first
Example:Set the max net length of the ICMPv6 data packet permitted by the switch to
100
Switch(Config)# dosattack-check icmp-attacking enable
Switch(Config)# dosattack-check icmpv6-size 100

2.6.4 Security Feature Example

Scenario:
The User has follows configuration requirements: the switch do not forward data
packet whose source IP address is equal to the destination address, and those whose
source port is equal to the destination port. Only the ping command with defaulted
options is allowed within the IPv4 network, namely the ICMP request packet can not be
fragmented and its net length is normally smaller than 100
Configuration procedure:
Switch(Config)# dosattack-check srcip-equal-dstip enable
Switch(Config)# dosattack-check srcport-equal-dstport enable
Switch(Config)# dosattack-check ipv4-first-fragment enable
Switch(Config)# dosattack-check icmp-attacking enable
Switch(Config)# dosattack-check icmpv4-size 100

2.7 Jumbo Configuration

2.7.1 Jumbo Introduction

So far the Jumbo (Jumbo Frame) has not reach a determined standard in the
industry (including the format and length of the frame). Normally frames sized within
1519-8996 should be considered jumbo frame. Networks with jumbo frames will increase
the speed of the whole network by 2% to 5%. Technically the Jumbo is just a lengthened
frame sent and received by the switch. However considering the length of Jumbo frames,
they will not be sent to CPU. We discarded the Jumbo frames sent to CPU in the packet
receiving process.

2.7.2 Jumbo Configuration Task Sequence

110