No relevant resource is found in the selected language.

This site uses cookies. By continuing to browse the site you are agreeing to our use of cookies. Read our privacy policy>Search


To have a better experience, please upgrade your IE browser.


NE40E V800R010C00 Feature Description - NAT and IPv6 Transition 01

Rate and give feedback :
Huawei uses machine translation combined with human proofreading to translate this document to different languages in order to help you better understand the content of this document. Note: Even the most advanced machine translation cannot match the quality of professional translators. Huawei shall not bear any responsibility for translation accuracy and it is recommended that you refer to the English document (a link for which has been provided).
NAT64 Resource Protection

NAT64 Resource Protection

User sessions that saving NAT mapping relationship of users, are critical to a NAT64 device when NAT64 is performed. Therefore, user session resources need to be protected against attacks to ensure resource efficiency.

Session Entry Aging

On a NAT64 device, you can set the aging time of NAT64 user session entries of various application protocols to age expired session entries and release system resources.

Session Count Limit

If a user with an IPv6 address launches a DoS attack, such as a SYN Flood attack, session table resources of the NAT64 device may be exhausted, and other users cannot create the session table and fail to go online. Therefore, the number of TCP, UDP, ICMP, and total sessions established using each IP address needs to be collected and monitored. When the number of TCP, UDP, or ICMP sessions from a source address or to a destination address reaches the preset threshold, the system suppresses new connections from the source address or to the destination address.

Updated: 2018-07-04

Document ID: EDOC1100027155

Views: 21730

Downloads: 71

Average rating:
This Document Applies to these Products
Related Documents
Related Version
Previous Next