The defense policies for UDP services cover block, traffic limiting, and defense.
Block
Discards all UDP packets.
Traffic Limiting
Limits traffic to defend against attacks when the UDP attack packets have no distinguishing features.
UDP Traffic Limiting: Limits the traffic of all UDP packets destined for an IP address to below Threshold.
UDP Fragment Rate Limiting Threshold: Limits the traffic of all UDP fragments destined for an IP address to below Threshold.
Set Threshold based on the actual network bandwidth.
Defense
For parameters, see Table 1.
| Parameter | | Description | Recommended Value |
|---|---|---|---|
| UDP Flood Fingerprint Attack Defense | Threshold | When the rate of UDP packets reaches the alert threshold, UDP fingerprint learning and payload check are enabled, and the UDP packets matching a specified fingerprint or payload are discarded. | The default value is 50 Mbit/s. |
| UDP Fragment Attack Defense | Threshold | When the rate of UDP fragments reaches the alert threshold, UDP fragment fingerprint learning and payload check are enabled, and the UDP fragments matching a specified fingerprint or payload are discarded. | The default value is 50 Mbit/s. You are advised to set Bandwidth Threshold based on baseline learning. For details, see Configuring a Baseline Learning Task. |
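
The threshold-triggered behaviour in Table 1 can be modelled as follows. This is an added example, not the product's code or its learning algorithm. Assumptions: a fingerprint is the most common leading payload bytes in a sample, the rate is counted over payload bytes in one-second windows, and the class name, constants and sample traffic are constructed for illustration.

```python
from collections import Counter, defaultdict

PREFIX_LEN = 8   # assumption: fingerprint = first 8 payload bytes
SAMPLE = 200     # assumption: packets sampled per learning round
MIN_SHARE = 0.5  # assumption: share of the sample a prefix must reach

class UdpFingerprintDefense:
    """Per-destination model: rate alert -> fingerprint learning -> drop on match."""

    def __init__(self, threshold_bps=50_000_000):  # page default: 50 Mbit/s
        self.threshold_bps = threshold_bps
        self.window = {}                       # dst -> (second, payload bits seen)
        self.alerted = set()                   # simplification: an alert never clears
        self.learning = defaultdict(Counter)   # dst -> prefix counts
        self.fingerprints = defaultdict(set)   # dst -> learned prefixes

    def process(self, ts, dst, payload):
        sec, bits = self.window.get(dst, (int(ts), 0))
        if int(ts) != sec:                     # new one-second window
            sec, bits = int(ts), 0
        bits += len(payload) * 8
        self.window[dst] = (sec, bits)
        if bits >= self.threshold_bps:
            self.alerted.add(dst)
        if dst not in self.alerted:
            return "pass"                      # below threshold: no inspection
        prefix = payload[:PREFIX_LEN]
        if prefix in self.fingerprints[dst]:
            return "drop"
        counts = self.learning[dst]
        counts[prefix] += 1
        if sum(counts.values()) >= SAMPLE:
            top, n = counts.most_common(1)[0]
            if n / SAMPLE >= MIN_SHARE:
                self.fingerprints[dst].add(top)
            counts.clear()
        return "pass"

def run_demo():
    """Constructed traffic: 9 same-prefix flood packets per 1 varied legitimate packet."""
    d = UdpFingerprintDefense(threshold_bps=1_000_000)  # lowered so the demo is short
    stats = Counter()
    for i in range(2000):
        legit = i % 10 == 0
        payload = i.to_bytes(8, "big") + b"x" * 92 if legit else b"FLOODPKT" + bytes(992)
        verdict = d.process(10.0 + i * 0.0001, "198.51.100.7", payload)
        stats[("legit" if legit else "flood", verdict)] += 1
    return stats, d.fingerprints["198.51.100.7"]
```

Flood packets that arrive before the alert and during the learning sample still pass, which is why the threshold should sit close to the learned baseline rather than far above it.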