D-Link DES-7200 Refrigerator User Manual


  Open as PDF
of 1968
 
DES-7200 Configuration Guide Chapter 6 URPF Configuration
6-6
After URPF is enabled, URPF will override ACL (interface configuration mode: ip access-group
in) during packet check.
If URPF strict mode is enabled, incoming messages with source address being the address of
receiving interface will be discarded. If URPF loose mode is enabled, such messages will pass
the interface.
6.1.5 Protocol specification
Protocol specifications related to URPF include:
RFC 2827, Network Ingress Filtering: DDOS Attacks which employ IP Source Address
Spoofing
RFC 3704, Ingress Filtering for Multi-homed Networks
6.2 Default configurations
The following table describes the default configurations of URPF.
Function Default setting
URPF global configuration mode Disabled
URPF interface configuration mode Disabled
URPF drop rate monitoring Disabled
URPF drop rate computation interval 30s
URPF drop rate sampling interval URPF drop rate computation interval * 5
URPF drop rate notification threshold 1000pps
URPF drop rate notify hold-down time 300s
URPF Trap sent for drop rate
notification
Disabled
6.3 Configure URPF
functions
The following section describes how to configure the basic functions of URPF:
(Required) Configure URPF (global configuration mode)
(Required)
Configure URPF (interface configuration mode)
(Optional) Configure URPF drop rate notification
View URPF configurations
 previous next