FAQ-Why Big Packets Are Discarded in MA5200 R007 When Clients PING the Gateway Address

Publication Date:  2012-07-27 Views:  139 Downloads:  0
Issue Description
Q: Why big packets are discarded in MA5200 R007 when clients ping the gateway address?
Alarm Information
Handling Process
The following is the detailed explanations:
MA5200F is featured by attack-proof in its system design, and limits the bandwidth for packets reported to host by a single user, avoiding the flooding to host by extra packets sent by users.
If the packets sent by an individual user exceed the limitation for bandwidth, they will be discarded directly by hardware; additionally, the parameter of bandwidth limitation is configurable, with command as follows:
[MA5200F-aaa-domain-test]user-host-car 8 640(after configuring the command, it will take effect for new users in the DOMAIN)
By increasing the parameter, less or even no packet will be discarded when users PING the gateway (the interface address of MA5200); however, such an action will blemish the security of system.
Root Cause