< Home

anti-ddos auto-defend base-session rate

Function

The anti-ddos auto-defend base-session rate command sets the alarm threshold and upper threshold of the session packet rate for dynamic limiting for session-based traffic attack defense.

Format

anti-ddos auto-defend base-session alert-rate alert-rate max-rate max-rate

Parameters

Parameter Description Value
alert-rate

Indicates the alarm threshold of the session packet rate.

The value is an integer ranging from 5,000 to 5,000,000 in seconds. The default value is 100,000 seconds.
max-rate

Indicates the upper threshold of the session packet rate.

The value is an integer ranging from 10,000 to 10,000,000 in seconds. The default value is 200,000 seconds.

Views

System view

Default Level

3: Management level

Usage Guidelines

If dynamic limiting for session-based traffic attack defense is enabled and the session packet rate reaches the specified alert-rate, the system outputs the traffic attack alarm and log. If the session packet rate reaches the specified max-rate, traffic limiting is performed on the attack traffic based on the CAR value configured with the anti-ddos auto-defend car car-value command.

The session packet rate refers to the number of packets per second during a session.

alert-rate must not greater than max-rate.

Example

# Set the alarm threshold to 30,000 pps and upper threshold to 50,000 pps for the session packet rate of dynamic limiting for session-based traffic attack defense.

<sysname> system-view
[sysname] anti-ddos auto-defend base-session alert-rate 30000 max-rate 50000
Parent Topic: Dynamic Traffic Limiting for Traffic Attack Defense Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >