DES-7200 Configuration Guide Chapter 12 NFPP Configuration
12-72
IPv6
VRRP
etype 0x86dd
protocol
112
rate-limit 64
attatch-threshold
100
Not applicable rate-limit 1024
attatch-threshold
1024
SNMP etype 0x0800
protocol 17
dst-port
161
rate-limit 1000
attatch-threshold
1200
Not applicable rate-limit 2000
attatch-threshold
3000
RSVP etype 0x0800
protocol 46
rate-limit 800
attatch-threshold
1200
Not applicable rate-limit 1200
attatch-threshold
1500
LDP
(UDP
hello)
etype 0x0800
protocol 17
dst-port
646
rate-limit 10
attatch-threshold
15
Not applicable rate-limit 100
attatch-threshold
150
Caution
Defined guard is intended to furthest include existing protocol types and
facilitate new protocol type extension. It allows free combinations of type
fields. If improperly configured, it will result in abnormal network.
Therefore, the network administrator shall have a good command of
network protocols. This table shows the effective configurations for
popular protocols, and the administrator can configure accordingly. For
other protocols which have been listed in the table, configurations shall
be made with caution.
12.9.1.3 Configuring Attacker Isolation Period
By default, the attacker isolation period is 0, namely the attacker won't be isolated.
Command Function
DES-7200#configure terminal
Enter global configuration mode.
DES-7200(config)#nfpp
Enter NFPP configuration mode.
DES-7200(config-nfpp)#define
name
Enter defined guard configuration mode