Allied Telesis AT-S63 User Manual
Page 341
AT-S63 Management Software Command Line Interface User’s Guide
Section II: Advanced Operations
341
Note
This defense mechanism requires some involvement by the switch’s
CPU, though not as much as the Teardrop defense. This will not
impact the forwarding of traffic between the switch ports, but it can
affect the handling of CPU events, such as the processing of IGMP
packets and spanning tree BPDUs. For this reason, Allied Telesyn
recommends that you strictly limit the use of this defense, activating
it only on those ports where an attack is most likely to originate.
You can use the MIRRORING parameter to copy the offending traffic to a
destination port mirror for analysis with a data analyzer. To define the
destination port, refer to “SET SWITCH MIRROR” on page 184.
Example
The following command activates the defense on ports 1 and 5:
set dos pingofdeath port=1,5 state=enable