Configuration of a hash board selection mode when a firewall uses the GTP overbilling attack defense function

You must set the hash board selection mode to source address or source address + destination address.

Other related questions:
Configuration of a hash board selection mode when a firewall uses the GTP filtering function
You must set the hash board selection mode to source address + destination address when using the GTP function.

Function of hash board selection on firewalls
The function of hash board selection on firewalls is as follows: By adjusting the hash board selection mode based on network requirements, you can change the mechanism by which an SPU processes packets.

Hash board selection mode configuration
You can configure a hash board selection mode as follows:
1. Run the system-view command to enter the system view.
2. Run the firewall hash-mode { source-and-destination | source-only } command to configure a hash board selection mode. The default hash board selection mode is source address + destination address. After the configuration is complete, restart the device to make the configuration take effect.
3. Run the firewall hash-gene hash-gene command to adjust the hash gene. The default hash gene is 0. After the configuration is complete, restart the device to make the configuration take effect.

Configure attack defense on an AR router
Attack defense mainly defends the CPU against attack packets to ensure that the server can run normally in case of an attack. Attack defense configuration consists of the following parts: enabling attack defense, (optional) configuring flooding defense parameters, super-large ICMP packet defense parameters, and scan attack defense parameters, and checking the configuration result. By default, no type of attack defense is enabled. For details about how to configure attack defense of AR series routers using command lines and through the web NMS, see the URL: AR router configuration attack defense.

Attack defense concept and configuration method for the USG6000
1. Choose Policy > Security Protection > Attack Defense > Anti-DDoS.
2. Bind the interface connecting the NGFW to the Internet. You can use either of the following methods to bind the interface:
   - In Unbound Interfaces, double-click the interface to be bound. The interface is displayed in Bound Interfaces.
   - In Unbound Interfaces, select the interface to be bound and click it. The interface is displayed in Bound Interfaces.
3. (Optional) Configure the NGFW to interwork with the ATIC server.
   a. Choose Policy > Security Protection > Attack Defense > Anti-DDoS.
   b. Select the ATIC Interworking check box and enter the IP address of the ATIC server.
   After the NGFW is configured to interwork with the ATIC server, it can send traffic anomaly logs to the ATIC server.
4. On the DDoS page, click Set Learning Parameters to configure the threshold learning function.
5. Click OK. The threshold learning function takes effect. After this function takes effect, the learning status is displayed under Set Learning Parameters. You can view the threshold learning status.
6. On the DDoS page, select the attack type to be defended against and click Enable. The default threshold is used for defending against each type of attack.
7. Click Apply.
8. If threshold learning is not automatically applied, you must manually trigger the system to apply the learning result after threshold learning is complete, or set thresholds based on the learning results. Generally, a manually set threshold should be a little bit higher than the learned threshold.
