Client-Verify Dns Enable; Client-Verify Http Enable - HP MSR Series Command Reference Manual
Hide thumbs
Also See for MSR Series:
- Configuration manual (889 pages) ,
- Command reference manual (625 pages) ,
- Wan access configuration manual (293 pages)
Table of Contents
Advertisement
blacklist ipv6
•
client-verify dns enable
Use client-verify dns enable to enable DNS client verification on an interface.
Use undo client-verify dns enable to restore the default.
Syntax
client-verify dns enable
undo client-verify dns enable
Default
DNS client verification is disabled on an interface.
Views
Layer 3 interface view
Predefined user roles
network-admin
Usage guidelines
Enable DNS client verification on the interface that connects to the external network. This function
protects internal DNS servers against DNS flood attacks.
To configure the DNS client verification to collaborate with DNS flood attack prevention, specify
client-verify as the DNS flood attack prevention action. In collaboration, upon detecting a DNS flood
attack, the device adds the victim IP addresses to the protected IP list and verifies the suspected sources.
You can use the display client-verify dns protected ip command to display the protected IP list for DNS
client verification.
Examples
# Enable DNS client verification on interface GigabitEthernet 2/1/1.
<Sysname> system-view
[Sysname] interface gigabitethernet 2/1/1
[Sysname-GigabitEthernet2/1/1] client-verify dns enable
Related commands
client-verify dns protected ip
•
display client-verify dns protected ip
•
client-verify http enable
Use client-verify http enable to enable HTTP client verification on an interface.
Use undo client-verify http enable to restore the default.
Syntax
client-verify http enable
undo client-verify http enable
566
Advertisement
Table of Contents
