The rate at which ICMP messages are sent is set on a board, which helps prevent ICMP flood attacks on boards. Defense against ICMP Flood attacks can be enabled based on boards.
During an ICMP Flood attack, ICMP packets are sent at a high rate. When a program sends more than 1000 packets per second, the program is considered a flood generator. A large number of ICMP Echo Request packets are sent to the target. The target host has to return a large number of ICMP Echo Reply or ICMP unreachable packets. After the attacker forges a source IP address, the target host sends back a large number of ICMP packets to the false address in vain. This consumes the host's system resources, and eventually the server may stop responding. The attack may also originate from other types of ICMP packets.
Enable or disable defense against ICMP Flood attacks.
car icmp cir 100 cbs 3000
undo car icmp
Check statistics about fragments that are used to launch attacks to all boards or a specified board.
display cpu-defend car protocol icmp statistics
Delete statistics about fragments that are used to launch attacks to all boards or a specified board.
reset cpu-defend car protocol icmp statistics
N/A