The anti-ddos source-ip detect aging-time command sets the aging time for the source IP address monitoring table.
The undo anti-ddos source-ip detect aging-time command restores the default aging time.
| Parameter | Description | Value |
|---|---|---|
| time | Aging time | The value is an integer ranging from 1 to 60,000, in seconds. The default value is 1800. |
If the FW determines that an IP address is real, the FW adds the address to the source IP address monitoring table, which is equivalent to a whitelist. All packets from the source IP address are considered legitimate and permitted by the FW without verification, unless the address in the monitoring table expires.
Unlike the aging mechanism of an entry in the session table, the aging time of an entry in the source IP address monitoring table starts from the time the entry was created, and the remaining keepalive time is not updated when a packet matches the entry. When the configured aging time elapses, the entry expires.