Show server conn-rate, Maximum connections, Clear statistics dos-attack – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

ServerIron ADX Security Guide

31

53-1002440-03

Maximum connections

1

show server conn-rate

Use show server conn-rate to display the global TCP connection rate (per second) and TCP SYN
attack rate (per second). This command reports global connection rate information for the
ServerIron as well as for each real server.

Maximum connections

Use max-conn to set the number of maximum connections on a global real server level (all ports) or
a single port.

clear statistics dos-attack

Use clear statistics dos-attack to reset counters for ICMP and TCP SYN packet burst thresholds, as
displayed by show statistics dos-attack.

Example

ServerIronADX# clear statistics dos-attack

ServerIronADX# show statistics dos-attack

NOTE

The above commands are used to reset and verify counters for ICMP and TCP SYN packet burst
thresholds. The ServerIron ADX has introduced more a powerful feature to detect and block DoS
attacks. Please refer to the chapter titled:

“Syn-Proxy and DoS Protection”

on page 113 to view

details about verifying and clearing DOS-attack counters and filters.

ServerIronADX# show server conn-rate

Avail. Sessions = 524286 Total Sessions = 524288

Total C->S Conn = 0 Total S->C Conn = 0

Total Reassign = 0 Unsuccessful Conn = 0

last conn rate = 0 max conn rate = 0

last TCP attack rate = 0 max TCP attack rate = 0

SYN def RST = 0 SYN flood = 0

Server State - 1:enabled, 2:failed, 3:test, 4:suspect, 5:grace_dn, 6:active

Real Server State CurrConn TotConn LastRate CurrRate MaxRate

rs1 3 0 0 0 0 0

All ports

One port

!

server real rs1 10.10.1.30

max-conn 1200

port http

port http max-conn 1000

port http url "HEAD /"

!