HP A6600 Configuration Manual page 414

Figure 138 Network diagram for traffic statistics configuration
Configuration procedure
# Configure IP addresses for interfaces. (Omitted)
# Create attack protection policy 1.
<Router> system-view
[Router] attack-defense policy 1
# Enable UDP flood attack protection.
[Router-attack-defense-policy-1] defense udp-flood enable
# Set the global action threshold for UDP flood attack protection to 100 packets per second.
[Router-attack-defense-policy-1] defense udp-flood rate-threshold high 100
# Configure the policy to drop the subsequent packets once a UDP flood attack is detected.
[Router-attack-defense-policy-1] defense udp-flood action drop-packet
[Router-attack-defense-policy-1] quit
# Apply policy 1 to GigabitEthernet 1/0/1.
[Router] interface gigabitethernet 1/0/1
[Router-GigabitEthernet1/0/1] attack-defense apply policy 1
# Enable the traffic statistics function in the outbound direction of GigabitEthernet 1/0/1.
[Router-GigabitEthernet1/0/1] flow-statistic enable outbound
# Enable traffic statistics based on destination IP address.
[Router-GigabitEthernet1/0/1] flow-statistic enable destination-ip
Verify the configuration
If you suspect that the server is under an attack, view the traffic statistics information on the interface to
check whether there is an attack.
[Router-GigabitEthernet1/0/1] display flow-statistics statistics destination-ip 10.1.1.2
------------------------------------------------------------
IP Address
------------------------------------------------------------
Total number of existing sessions
Session establishment rate
TCP sessions
Half-open TCP sessions
Half-close TCP sessions
TCP session establishment rate
UDP sessions
UDP session establishment rate
ICMP sessions
ICMP session establishment rate
Flow Statistics Information
: 10.1.1.2
: 13676
: 2735/s
: 0
: 0
: 0
: 0/s
: 13676
: 2735/s
: 0
: 0/s
402