Commands; Purpose; Configuring Flow Setup Throttling (Fst); About Fst - Enterasys Matrix DFE-Gold Series Configuration Manual

clear hostdos-counters

Configuring Flow Setup Throttling (FST)

About FST

Flow Setup Throttling (FST) is a proactive feature designed to mitigate DoS attacks before the
virus can wreak havoc on the network. FST directly combats the effects of DoS attacks by limiting
the number of new or established flows that can be programmed on any individual switch port.
This is achieved by monitoring the new flow arrival rate and/or controlling the maximum number
of allowable flows.
FST limits the vulnerability of connection attacks on the network by allowing administrators to:
• Globally enable FST on the switch and on a port‐by‐port basis.
• Configure the maximum flows allowed per user classification (port type) and the actions that
will occur when flow limits are reached.
• Assign a user classification to each interface.
• Control the generation of SNMP notifications.
• Control the time (in seconds) to wait before generating another notification of the same type
on the same interface.
• Control link status.

Purpose

To review and configure Flow Setup Throttling.

Commands

For information about...
show flowlimit
set flowlimit
set flowlimit limit
clear flowlimit limit
set flowlimit action
clear flowlimit action
show flowlimit class
set flowlimit port
clear flowlimit port class
set flowlimit shutdown
set flowlimit notification
clear flowlimit notification interval
clear flowlimit stats
Configuring Flow Setup Throttling (FST)
Enterasys Matrix DFE-Gold Series Configuration Guide 24-25
Refer to page...
24-26
24-26
24-27
24-28
24-28
24-29
24-30
24-31
24-32
24-32
24-33
24-34
24-34