Reference Guide
565 | ipv6 firewall Dell Networking W-Series ArubaOS 6.4.x| User Guide
ipv6 firewall
ipv6 firewall
attack-rate {ping <number>|session <number>|tcp-syn <number>}
deny-inter-user-bridging |
drop-ip-fragments |
enable-per-packet-logging |
enforce-tcp-handshake |
prohibit-ip-spoofing |
prohibit-rst-replay |
session-idle-timeout <seconds> |
session-mirror-destination {ip-address <ipaddr>}|{port <slot/<port>}
Description
This command configures firewall options on the controller for IPv6 traffic.
Syntax
Parameter Description Range Default
attack-rate
Sets rates which, if exceeded, can indicate a
denial of service attack.
ping
Number of ICMP pings per 30 seconds, which if
exceeded, can indicate a denial of service attack.
Recommended value is 120.
1-
16384
—
session
Number of TCP or UDP connection requests per
30 seconds, which if exceeded, can indicate a
denial of service attack. Recommended value is
960.
1-
16384
—
tcp-syn
Number of TCP SYN messages per 30 seconds,
which if exceeded, can indicate a denial of service
attack. Recommended value is 960.
1-
16384
—
deny-inter-user-bridging
Prevents the forwarding of Layer-2 traffic
between wired or wireless users. You can
configure user role policies that prevent Layer-3
traffic between users or networks but this does
not block Layer-2 traffic. This option can be used
to prevent Appletalk or IPX traffic from being
forwarded.
— disable
d
drop-ip-frag
ments
When enabled, all IP fragments are dropped. You
should not enable this option unless instructed to
do so by a Dell representative.
— disable
d