As a network traffic bearer node, the router needs to control the path along which packets are forwarded through management and control protocol-based service policy deployment. On the public network, the router may be attacked by flood attacks on the management and control plane. To resolve this problem, a CPU defense policy needs to be configured on the router.
As the attack target of flood attacks on forwarded traffic is a specific Internet site, the router is generally not affected. The router is typically used as an assistant NE to detect traffic abnormality and perform traffic policies to discard or control attack traffic. This part is not described in detail.