RE: [j-nsp] Ddos prevention based on traffic sampling...

From: Stephen Gill (gillsr@yahoo.com)
Date: Thu Nov 15 2001 - 19:59:23 EST


What kind of threshold capability are you referring to? If you can
define it in a firewall filter, then you should be able to rate-limit.
Take a look at the rate-limiting examples for multicast, ICMP, and UDP on
page 12 of the JUNOS Secure Template at:
http://www.qorbit.net/documents/junos-template.pdf

Your main tools to work with are bandwidth, and burst size.

Page 144 of the JUNOS 5.1 Policy manual also gives a good example on
rate-limiting inbound TCP SYNs, though I do not have the URL for that in
front of me at the moment.

Cheers,
-- steve
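As an added illustration of the approach Steve describes (a policer with a bandwidth and burst size, referenced from a firewall filter term), here is a JUNOS configuration fragment. It is not taken from the JUNOS Secure Template or from the policy manual; the policer and filter names, the rate and burst values, and the choice to apply the filter as an input filter on lo0 (so it protects the Routing Engine rather than transit traffic) are all assumptions chosen for the example.

```junos
/* Added example, not from the JUNOS Secure Template; names and values are illustrative. */
firewall {
    /* Single-rate policer: traffic above 1 Mbit/s, with a 15 kB burst allowance, is dropped.
       burst-size-limit is in bytes; keep it at least a few MTUs so short legitimate bursts survive. */
    policer limit-icmp {
        if-exceeding {
            bandwidth-limit 1m;
            burst-size-limit 15k;
        }
        then discard;
    }
    /* Tighter policer for inbound TCP connection attempts (SYN without ACK). */
    policer limit-syn {
        if-exceeding {
            bandwidth-limit 500k;
            burst-size-limit 15k;
        }
        then discard;
    }
    filter protect-re {
        term police-icmp {
            from {
                protocol icmp;
            }
            then {
                policer limit-icmp;
                accept;
            }
        }
        term police-tcp-syn {
            from {
                protocol tcp;
                tcp-flags "syn & !ack";
            }
            then {
                policer limit-syn;
                accept;
            }
        }
        /* Everything else is left alone; an explicit accept avoids the implicit discard at filter end. */
        term allow-rest {
            then accept;
        }
    }
}
interfaces {
    lo0 {
        unit 0 {
            family inet {
                filter {
                    input protect-re;
                }
            }
        }
    }
}
```

The two knobs Steve names map directly onto `bandwidth-limit` and `burst-size-limit`; nothing here adapts automatically to observed traffic, which is what the original question was asking about. Each `term` carries its own policer instance, so ICMP and SYN traffic are limited independently, and `show firewall` will report per-policer drop counters that can be watched to tell whether the limits are being hit.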

> -----Original Message-----
> From: Nimesh Vakharia [mailto:nvakhari@clio.rad.sunysb.edu]
> Sent: Thursday, November 15, 2001 4:52 PM
> To: juniper-nsp@puck.nether.net
> Subject: [j-nsp] Ddos prevention based on traffic sampling...
>
>
> 5.1 seems to have port mirroring to send sampled packets out of ports.
> Now this can be used for traffic analysis but is there any truth to the
> fact that the OS has capabilities to set up some dynamic rate
> limiting/shaping depending on certain thresholds defined in the system?
>
> Nimesh.




This archive was generated by hypermail 2b29 : Mon Aug 05 2002 - 10:42:37 EDT