R3303-HP HSR6800 Routers Security Configuration Guide

Half-open TCP sessions : 0
Half-close TCP sessions : 0
TCP session establishment rate : 0/s
UDP sessions : 13676
UDP session establishment rate : 2735/s
ICMP sessions : 0
ICMP session establishment rate : 0/s
RAWIP sessions : 0
RAWIP session establishment rate : 0/s
[Router-GigabitEthernet3/0/1] display flow-statistics statistics interface gigabitethernet 3/0/1 outbound
Flow Statistics Information
------------------------------------------------------------
Interface : GigabitEthernet3/0/1
------------------------------------------------------------
Total number of existing sessions : 13676
Session establishment rate : 2735/s
TCP sessions : 0
Half-open TCP sessions : 0
Half-close TCP sessions : 0
TCP session establishment rate : 0/s
UDP sessions : 13676
UDP session establishment rate : 2735/s
ICMP sessions : 0
ICMP session establishment rate : 0/s
RAWIP sessions : 0
RAWIP session establishment rate : 0/s
The output shows that GigabitEthernet 3/0/1 is carrying a large number of UDP packets destined for
10.1.1.2 and that the session establishment rate has exceeded the specified threshold. From this you can
determine that the server is under a UDP flood attack. To view the related statistics collected after the
UDP flood protection function takes effect, use the display attack-defense statistics command.
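
The check described above can be scripted for monitoring. The following Python is an added example, not part of the HP guide: it parses the outbound flow statistics shown above and reports each protocol whose session establishment rate exceeds a threshold. The function names and the threshold of 1000/s are assumptions, because the configured threshold value is not shown in this section.

```python
import re

# Outbound flow statistics for GigabitEthernet3/0/1, copied from the output above.
SAMPLE = """\
Flow Statistics Information
------------------------------------------------------------
Interface : GigabitEthernet3/0/1
------------------------------------------------------------
Total number of existing sessions : 13676
Session establishment rate : 2735/s
TCP sessions : 0
Half-open TCP sessions : 0
Half-close TCP sessions : 0
TCP session establishment rate : 0/s
UDP sessions : 13676
UDP session establishment rate : 2735/s
ICMP sessions : 0
ICMP session establishment rate : 0/s
RAWIP sessions : 0
RAWIP session establishment rate : 0/s
"""

# "name : value" lines; a trailing "/s" rate unit is dropped from the value.
LINE = re.compile(r"^\s*(?P<key>[^:]+?)\s*:\s*(?P<val>\S+?)(?:/s)?\s*$")

def parse_flow_stats(text):
    """Return {field name: int or str}; titles and separator lines are skipped."""
    stats = {}
    for line in text.splitlines():
        m = LINE.match(line)
        if m:
            val = m.group("val")
            stats[m.group("key")] = int(val) if val.isdigit() else val
    return stats

def flood_suspects(stats, rate_threshold):
    """List (protocol, rate, share of all sessions) for rates above the threshold."""
    total = stats.get("Total number of existing sessions", 0)
    hits = []
    for proto in ("TCP", "UDP", "ICMP", "RAWIP"):
        rate = stats.get(f"{proto} session establishment rate", 0)
        sessions = stats.get(f"{proto} sessions", 0)
        if rate > rate_threshold:
            hits.append((proto, rate, round(sessions / total, 2) if total else 0.0))
    return hits

if __name__ == "__main__":
    # 1000/s is an assumed threshold, not a value taken from the guide.
    print(flood_suspects(parse_flow_stats(SAMPLE), rate_threshold=1000))
```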

TCP proxy configuration example

Network requirements
Configure the TCP proxy function on the router to protect internal servers from SYN flood attacks.
Configure the function to operate in bidirectional mode.