anti-ddos auto-defend none-session type
Function
The anti-ddos auto-defend none-session type command sets the rule type delivered by dynamic traffic limiting for packet loss-based traffic attack defense.
Usage Guidelines
The default rule type is 5-tuple.
If the specified rule type is 3-tuple and the total rate of an attack flow containing the 3-tuple (source IP address+source port+protocol or destination IP address+destination port+protocol) reaches rule-rate specified in the anti-ddos auto-defend none-session drop-rate drop-rate rule-rate rule-rate command, the 3-tuple rule will be delivered for the flow.
If the specified rule type is 5-tuple and the rate of an attack flow reaches rule-rate specified in the anti-ddos auto-defend none-session drop-rate drop-rate rule-rate rule-rate command, the 5-tuple rule is delivered for the flow.
If the specified rule is auto, the 5-tuple rule is delivered preferentially for the flow. If the rate of a single flow does not reach rule-rate but the rate of another flow that has the same 3-tuple as the flow reaches rule-rate, the 3-tuple rule will be delivered for the flow.
Modifying the delivered rule type takes effect only for new attack traffic. Attack traffic corresponding to delivered rules is limited based on original rules.