Manualshelf

Command Reference Guide

ManualsBrandsHP ManualsMoonshot SystemsHP Moonshot-45G Switch Module
471472473474475476477478479480
Denial of Service Commands
CLI Command Reference
September 2014 Page 472
HP Moonshot Switch Module CLI Command Reference
dos-control icmpfrag
This command enables ICMP Fragment Denial of Service protection. If the mode is enabled, Denial of Service
prevention is active for this type of attack. If packets ingress having fragmented ICMP packets, the packets will
be dropped if the mode is enabled.
no dos-control icmpfrag
This command disabled ICMP Fragment Denial of Service protection.
dos-control l4port
This command enables L4 Port Denial of Service protections. If the mode is enabled, Denial of Service
prevention is active for this type of attack. If packets ingress having Source TCP/UDP Port Number equal to
Destination TCP/UDP Port Number, the packets will be dropped if the mode is enabled.
no dos-control l4port
This command disables L4 Port Denial of Service protections.
Default disabled
Format
dos-control icmpfrag
Mode Global Config
Format
no dos-control icmpfrag
Mode Global Config
Note: Some applications mirror source and destination L4 ports - RIP for example uses 520 for both.
If you enable dos-control l4port, applications such as RIP may experience packet loss which would
render the application inoperable.
Default disabled
Format
dos-control l4port
Mode Global Config
Format
no dos-control l4port
Mode Global Config