Syn-proxy server tasks, Configuring syn-proxy – Brocade Virtual ADX Graphical User Interface Guide (Supporting ADX v03.1.00) User Manual
Page 172
160
Brocade Virtual ADX Graphical User Interface Guide
53-1003242-01
SYN-Proxy server tasks
9
NOTE
There is no TCP SYN-ACK for undefined VIP ports (range: 0–4294967295)
SYN-Proxy server tasks
Use the following sections to perform the respective Syn-Proxy server tasks:
•
•
“Disabling the SYN-Proxy server”
•
•
•
•
Configuring Syn-Proxy
To configure the SYN-Proxy server on this device:
1. Select the Configure tab.
2. Click Security in the tab menu bar.
3. From the sidebar, select SYN-Proxy.
4. On the Settings tab, make the following selections (see
for Syn-Proxy Settings tab
controls and descriptions):
•
, mark the Enable checkbox, and then select if this server is to be
available to Defined VIPs only or VIP Traffic only.
SYN Cookie
Controls SYN Cookie Attack Rate threshold (range: 1–10000000, default is 1000), and
SYN Cookie Attack trap interval (range 1–1000, default is 60).
TCP MSS value (V4)
Value for the IPv4 TCP MSS.Select one of the values from the menu.
TCP MSS value (V6)
Value for the IPv6 TCP MSS. (range: 1004–1440)
TCP MSS minimum (V6)
Minimum value for the IPv6 TCP MSS. (range: 64–1200)
Attack Detection Interval
Interval for considering a SYN attack. (range: 1–10, default is 3)
SYN-ACK Window Size
Window size to be used for SYN-ACK. (range: 1–65535, default is 8192).
ACK Validate Multiplier
Value for a valid ACK packet. (range: 1–7, default is 10)
Disable
Click the checkbox to disable the ACK Validate Multiplier feature.
Set Source MAC address
to the ADX MAC
When marked, enables this feature.
Send Reset using Client
MAC
When marked, enables this feature.
TABLE 27
Syn-Proxy Settings tab controls (Continued)
Control
Description