H3C MSR Series Command Reference Manual page 1016

flood: Specifies all IPv6 flood attacks.
http-flood: Specifies HTTP flood attack.
icmpv6-flood: Specifies ICMPv6 flood attack.
rst-flood: Specifies RST flood attack.
syn-ack-flood: Specifies SYN-ACK flood attack.
syn-flood: Specifies SYN flood attack.
udp-flood: Specifies UDP flood attack.
ipv6-address: Specifies a protected IPv6 address. If you do not specify an IPv6 address, this
command displays flood attack detection and prevention statistics for all protected IPv6 addresses.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the protected IPv6
address belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters.
Do not specify this option if the protected IPv6 address is on the public network.
interface interface-type interface-number: Specifies an interface by its type and number.
local: Specifies the device.
slot slot-number: Specifies a card by its slot number. This option is available only when you specify
the device or a global interface, such as a VLAN interface or tunnel interface. If you do not specify a
card, this command displays IPv6 flood attack detection and prevention statistics for all cards.
(Distributed devices in standalone mode.)
slot slot-number: Specifies an IRF member device by its member ID. This option is available only
when you specify the device or a global interface, such as a VLAN interface or tunnel interface. If you
do not specify a member device, this command displays IPv6 flood attack detection and prevention
statistics for all member devices. (Centralized devices in IRF mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The
chassis-number argument represents the member ID of the IRF member device. The slot-number
argument represents the slot number of the card. This option is available only when you specify the
device or a global interface, such as a VLAN interface or tunnel interface. If you do not specify a card,
this command displays IPv6 flood attack detection and prevention statistics for all cards. (Distributed
devices in IRF mode.)
count: Displays the number of matching protected IPv6 addresses.
Usage guidelines
The device collects statistics about protected IP addresses for flood attack detection and prevention.
The attackers' IP addresses are not recorded.
If the interface and local parameters are not specified, this command display IPv6 flood attack
detection and prevention statistics on all interfaces and the device.
Examples
# (Centralized devices in standalone mode.) Display all IPv6 flood attack detection and prevention
statistics.
<Sysname> display attack-defense flood statistics ipv6
IPv6 address
2000::1011
1::2
1::3
1::4
1::5
# (Distributed devices in standalone mode/centralized devices in IRF mode.) Display all IPv6 flood
attack detection and prevention statistics.
<Sysname> display attack-defense flood statistics ipv6
VPN Detected on
a0123456789 GE1/0/2
1222232 GE1/0/2
-- GE1/0/3
-- GE1/0/4
-- GE1/0/5
Detect type State
SYN-FLOOD Normal
DNS-FLOOD Normal
SYN-ACK-FLOOD Normal
ACK-FLOOD Normal
SYN-FLOOD Normal
993
PPS Dropped
0 4294967295
1000 111111111
1000 222222222
1000 111111111
1000 22222222