No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search

Reminder

To have a better experience, please upgrade your IE browser.

upgrade

Fat AP and Cloud AP V200R008C00 CLI-based Configuration Guide

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
Configuring Flood Attack Detection

Configuring Flood Attack Detection

Context

If a large number of broadcast packets are sent to a device in a short time, the device becomes busy processing the packets and cannot process normal services. To prevent flood attacks, you can configure flood detection and a STA rate threshold. If the STA rate exceeds the threshold, the device considers that the STA is launching a flood attack by sending broadcast packets. The device will discard excess packets to ensure network security.

Procedure

  1. Run:

    system-view

    The system view is displayed.

  2. Run:

    wlan

    The WLAN view is displayed.

  3. Run:

    vap-profile name profile-name

    The VAP profile view is displayed.

  4. Configure flood attack detection.

    1. Run the undo anti-attack broadcast-flood disable command to enable flood attack detection.

      By default, the broadcast flood detection function is enabled.

    2. Run the anti-attack broadcast-flood sta-rate-threshold sta-rate-threshold command to set the rate threshold for broadcast flood attack detection.

      By default, the broadcast flood threshold is 10 pps.

    3. (Optional) Run the anti-attack broadcast-flood blacklist enable command to enable the broadcast flood blacklist function. The device then adds STAs that launch broadcast flood attacks to the blacklist.

      By default, the broadcast flood blacklist function is disabled.

Translation
Download
Updated: 2019-01-11

Document ID: EDOC1000176006

Views: 116489

Downloads: 309

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Share
Previous Next