R3303-HP 6600/HSR6600 Routers Security Configuration Guide
497
# Configure the policy to drop the subsequent packets once a UDP flood attack is detected.
[Router-attack-defense-policy-1] defense udp-flood action drop-packet
[Router-attack-defense-policy-1] quit
# Apply policy 1 to GigabitEthernet 3/0/1.
[Router] interface gigabitethernet 3/0/1
[Router-GigabitEthernet3/0/1] attack-defense apply policy 1
# Enable the traffic statistics function in the outbound direction of GigabitEthernet 3/0/1.
[Router-GigabitEthernet3/0/1] flow-statistic enable outbound
# Enable traffic statistics based on destination IP address.
[Router-GigabitEthernet3/0/1] flow-statistic enable destination-ip
Verifying the configuration
If you suspect that the server is under an attack, you can view the traffic statistics information on the
interface to check whether there is an attack.
[Router-GigabitEthernet3/0/1] display flow-statistics statistics destination-ip 10.1.1.2
Flow Statistics Information
------------------------------------------------------------
IP Address : 10.1.1.2
------------------------------------------------------------
Total number of existing sessions : 13676
Session establishment rate : 2735/s
TCP sessions : 0
Half-open TCP sessions : 0
Half-close TCP sessions : 0
TCP session establishment rate : 0/s
UDP sessions : 13676
UDP session establishment rate : 2735/s
ICMP sessions : 0
ICMP session establishment rate : 0/s
RAWIP sessions : 0
RAWIP session establishment rate : 0/s
[Router-GigabitEthernet3/0/1] display flow-statistics statistics interface
gigabitethernet 3/0/1 outbound
Flow Statistics Information
------------------------------------------------------------
Interface : GigabitEthernet3/0/1
------------------------------------------------------------
Total number of existing sessions : 13676
Session establishment rate : 2735/s
TCP sessions : 0
Half-open TCP sessions : 0
Half-close TCP sessions : 0
TCP session establishment rate : 0/s
UDP sessions : 13676
UDP session establishment rate : 2735/s
ICMP sessions : 0
ICMP session establishment rate : 0/s
RAWIP sessions : 0