DXS-3227, DXS-3227P, DXS-3250 and DXS-3250E EWS User Guide
Discarding IP Fragments
The IP Fragmented Filtering Page provides parameters for discarding IP fragmented packets from specific inter-
faces. Packet Fragmentation occurs when a packet is too large to be transmitted as a single unit, and is forwarded
in two or more packets. Packet are reconstructed when they reach the destination. IP Fragment filtering elimi-
nates:
•
Retransmitting IP packets due to partial packet loss. If packet information is sent in multiple packets and one
packet is dropped, the part Fragmented IP packets cause an extra processing load.
•
Some firewalls block all fragments as the header information is sent to a higher layer protocol for filtering.
To define IP fragmentation:
1.
Click Advanced Setup > Security Suite > DOS Attacks > IP Fragmented. The IP Fragmented Filtering
Page opens.
Figure 90: IP Fragmented Filtering Page
The IP Fragmented Filtering Page contains the following fields:
•
Interface — Indicates the interface from which fragmented IP packets are discarded.
•
IP Address —Indicates the destination IP address.
•
Mask — Defines the IP address network mask. The default is 255.255.255.255.
•
Remove — Removes IP Fragmented Filtering from the interface. The possible field values are:
–
Checked — Removes IP Fragmented Filtering from the interface.
–
Unchecked — Maintains IP Fragmented Filtering on the device.
Page 150