Protection against malformed ip packets – Brocade Virtual ADX Administration Guide (Supporting ADX v03.1.00) User Manual

Page 68

Brocade Virtual ADX Administration Guide

53-1003249-01

Specifying the maximum number of unknown unicast packets

You can specify the maximum number of unknown-unicast packets the device can forward each
second. By default the device sends unknown unicasts and all other traffic at wire speed and is
limited only by the capacities of the hardware. However, if other devices in the network cannot
handle unlimited unknown-unicast traffic, this command allows you to relieve those devices by
throttling the unknown unicasts at the Brocade Virtual ADX.

The unknown-unicast limit does not affect broadcast or multicast traffic. However, you can use the
broadcast limit and multicast limit commands to control these types of traffic.

To specify the maximum number of unknown-unicast packets the device can forward each second,
enter commands such as the following.

Virtual ADX(config)#interface e8

Virtual ADX(config-if-8)#unknown-unicast limit 30000

Syntax: [no] unknown-unicast limit num

Protection against malformed IP packets

The Brocade Virtual ADX can be enabled to guard against malformed IP packets. When this feature
is enabled, the Brocade Virtual ADX will drop/block the abnormal packet received if any of the
following condition is true:

1. Source IP = 0.0.0.0 or 255.255.255.255

2. Destination IP = 0.0.0.0

3. Source IP = Destination IP

You can enable the protection against malformed IP packets feature on the Brocade Virtual ADX
globally by entering the following command.

Virtual ADX(config)#server block-abnormal-ip-packet

Syntax: [no] server block-abnormal-ip-packet