The anti-ddos auto-defend none-session rate command sets the packet loss rate threshold and dynamic rule delivery threshold of dynamic traffic limiting for packet loss-based traffic attack defense.
| Parameter | Description | Value |
|---|---|---|
| drop-rate | Specifies the packet loss rate threshold. |
The value is an integer ranging from 50,000 to 10,000,000, in seconds. The default value is 300,000 seconds. |
| rule-rate | Specifies the dynamic rule delivery threshold. |
The value is an integer ranging from 5,000 to 5,000,000 in pps. The default value is 100,000. |
If dynamic traffic limiting for packet loss-based traffic attack defense is enabled and the system packet loss rate reaches the specified drop-rate, sampling is performed on lost packets, and the rate of each flow is calculated based on the sampling result. If the traffic rate reaches the specified rule-rate, traffic limiting is performed on attack traffic based on the CAR value configured with the anti-ddos auto-defend car car-value command to reduce the MPU CPU usage.