DDoS policers are enabled by default for all supported protocol
groups and packet types. Policers are established at the level of
the individual line card and the Routing Engine. You can disable the
line card policers globally for all MPCs or FPC5s. You can also disable
the Routing Engine policer. When you disable either of these policers,
the policers at that level for all protocol groups and packet types
are disabled.
DDoS logging is also enabled by default. You can disable all
DDoS event logging (including flow detection event logging) for all
protocol groups and packet types across the router.
To configure global DDoS settings:
- (Optional) Disable line card policers.[edit system ddos-protection global]user@host# set disable-fpc
- (Optional) Disable Routing Engine policers.[edit system ddos-protection global]user@host# set disable-routing-engine
- (Optional) Disable event logging.[edit system ddos-protection global]user@host# set disable-logging
Great informative post, thanks so much for sharing... please visit once at https://www.ddoscube.com/
ReplyDelete