Cisco Cisco Packet Data Interworking Function (PDIF)
![Cisco](https://files.manualsbrain.com/attachments/7380d0050044647c30f5c24bbbf5d0c0b6d9bb84/common/fit/150/50/faa183d287233c52228cfea3dbc2a127fe780f60564fcb0955d9c3d1cd23/brand_logo.png)
per-ip-failure-limit
Sets a failure limit that, when exceeded, causes the suspension of registration attempts for the offending IP
address.
address.
The system will ignore the configuration of this command unless the dos-prevention command has been
enabled.
enabled.
Important
Product
SCM (P-CSCF, A-BG)
Privilege
Security Administrator, Administrator
Command Modes
Exec > Global Configuration > Context Configuration > CSCF Service Configuration > Proxy-CSCF
Configuration > CSCF Security Configuration
Configuration > CSCF Security Configuration
configure > context context_name > cscf service service_name > proxy-cscf > security-parameters
Entering the above command sequence results in the following prompt:
[
context_name
]
host_name
(config-security-parameters)#
Syntax Description
per-ip-failure-limit limit
default per-ip-failure-limit
default per-ip-failure-limit
default
Sets/restores the default value assigned to the specified command.
limit
Default: 100
Defines the threshold for registration failures based on a calculation using weighted multipliers defined in
auth-failure-weight and bad-request-weight.
auth-failure-weight and bad-request-weight.
limit must be an integer from 5 to 10,000.
Usage Guidelines
Use this command to set a failure limit for registration attempts from an identified IP address. The following
calculation determines when this threshold is reached for any IP address:
calculation determines when this threshold is reached for any IP address:
Current authorization failures ÷ auth-failure-weight = current failures per AoR
or
Command Line Interface Reference, Modes C - D, StarOS Release 19
1606
CSCF Security Configuration Mode Commands
per-ip-failure-limit