[j-nsp] Netscreen 5400 per-UDP-port bandwidth cap?
Phil Mayers
p.mayers at imperial.ac.uk
Fri Mar 5 05:15:45 EST 2010
On 03/05/2010 10:10 AM, Alex wrote:
> Phil,
> Do you have UDP flood screen enabled? If yes what is the threshold and UDP
> packet size you are using?
Not on the zones through which the traffic is flowing (Untrust & Trust)
according to the CLI & webUI:
set zone "Untrust" screen tear-drop
set zone "Untrust" screen syn-flood
set zone "Untrust" screen ping-death
set zone "Untrust" screen ip-filter-src
set zone "Untrust" screen land
set zone "V1-Untrust" screen tear-drop
set zone "V1-Untrust" screen syn-flood
set zone "V1-Untrust" screen ping-death
set zone "V1-Untrust" screen ip-filter-src
set zone "V1-Untrust" screen land
set zone "Halls" screen alarm-without-drop
set zone "Halls" screen icmp-flood
set zone "Halls" screen udp-flood
set zone "Halls" screen syn-flood
Damn... wait a minute.
I recall something about screen options and vlan sub-ints, in the
release notes.
Hmm.
More information about the juniper-nsp
mailing list