Config Cpu-Dos-Protect - Extreme Networks ExtremeWare Command Reference Manual

config cpu-dos-protect

config cpu-dos-protect [alert-threshold <packets per second>]
[notice-threshold <packets per second>] [timeout <seconds>] [messages [on |
off]] [filter-precedence <number>] [filter-type-allowed {destination |
source | destination source} {protocol}]
Description
Configures denial of service protection.
Syntax Description
alert-threshold
notice-threshold
timeout
messages
filter-precedence
filter-type-allowed
destination
source
protocol
Default
The option defaults are:
• alert-threshold—4000
• notice-threshold—4000.
• timeout—15
• messages—on
• filter-precedence—10
• filter-type-allowed—destination
Usage Guidelines
This command configures denial of service protection for Extreme Networks switches. When heavy
traffic reaches the alert threshold, a hardware ACL is created that blocks the traffic for the timeout
number of seconds.
NOTE
If you set the filter-precedence to 0, the ACLs created by DoS protection will be overwritten by the
default VLAN QoS profile.
ExtremeWare Software 7.0.0 Command Reference Guide
Configures the number of packets per second that the switch needs to recieve
on a port for an ACL to be enabled. Range is 150 to 100,000 packets per
second. Default is 4000.
Configures the number of packets per second that the switch needs to receive
on a port for messages to be logged. Range is 150 to 100,000 packets per
second. Default is 4000.
Configures a duration in seconds. Range is 2 to 300 seconds. Default is 15.
Configures messaging to be on or off. Default is on.
Configures the access list precedence. Default is 10.
Configures the type of access list allowed. Default is destination
Specifies that destination ACLs can be created
Specifies that source ACLs can be created
Specifies that an ACL will be created to block packets from a single protocol,
either TCP, UDP, or other.
config cpu-dos-protect
577