Faq-How Does The Ma5600 Support Anti Dos Attack Function - Huawei MA5600 Manual

MSAN UA5000 Cases
of the required program is larger than the remaining allowed bandwidth of the service port, you can
order the program. If the allowed bandwidth of the service port is insufficient, the packet loss
occurs. In this case, the multicast service is unstable.
Suggestions and
The program bandwidth is statically configured when the multicast program is added. For the actual
Summary:
IPTV service application, the program rate of the multicast source of the carrier should be
invariable. When configuring the multicast program on the MA5600, ensure that the program
bandwidth is configured the same as the bit rate of the program source of this program. In this way,
the bandwidth check can be effective.
The main purpose of the bandwidth check is to check and ensure that the total bandwidth occupied
by the program of the uplink port/user port does not exceed the rate actually supported by the uplink
port/user port (otherwise, the packet loss occurs). If you can ensure on the networking that the total
bandwidth occupied by the program of the uplink port/user port does not exceed the rate actually
supported by the uplink port/user port, you can disable the bandwidth check.

1.14 FAQ-How Does the MA5600 Support Anti DoS Attack Function

Title: FAQ-How Does the MA5600 Support Anti DoS Attack Function
ID: SE0000352528
Information
Troubleshooting Cases
Type :
Product Family: Broadband Access
Fault Type: Virus/Attack
Keywords: DOS MA5600
Permission Level: Warranty Users Permission
Phenomenon Descr
Q:
iption:
How does the MA5600 support the anti DoS attack function?
Alarm Informatio
Null
n:
Cause Analysis: Null
Handling Proces
A:
s:
The anti Dos attack in the MA5600 is a function that the system detects whether the DoS attack
occurs with the physical port as a granularity for xDSL boards.
The principle:
After the security anti-dos enable command is executed to enable the anti Dos attack function
successfully, the system limits the rate of sending the packets to the CPU of each service board
to 20 pps.
Meanwhile, the packets sent to the CPU of each service board are detected once every five
seconds, and the detection is performed four times consecutively. Every time the rate detected
exceeds 20 pps, it is regarded that the DoS attack occurs.
Then, the port sending the packets is added to the DoS blacklist, and an alarm is generated.
The MA5600 system does not change the status of the port added to the blacklist, but prohibits
the port from sending the packets to the CPU of the service board. Other service packets,
however, can be forwarded (the forwarding is performed by each service board). Meanwhile, the
system starts a timer with the duration of 180s. When the timer times out, which means that
Confidential Information of Huawei. No Spreading without Permission
Chapter 1 MA5600 Cases
Quality Level:
B
Product: SmartAX MA5600
17