Cisco Cisco Packet Data Gateway (PDG)
per-aor-failure-limit
Sets a failure limit that, when exceeded, causes the suspension of registration attempts for the offending AoR.
The system will ignore the configuration of this command unless the dos-prevention command has been
enabled.
enabled.
Important
Product
SCM (P-CSCF, A-BG)
Privilege
Security Administrator, Administrator
Command Modes
Exec > Global Configuration > Context Configuration > CSCF Service Configuration > Proxy-CSCF
Configuration > CSCF Security Configuration
Configuration > CSCF Security Configuration
configure > context context_name > cscf service service_name > proxy-cscf > security-parameters
Entering the above command sequence results in the following prompt:
[
context_name
]
host_name
(config-security-parameters)#
Syntax Description
per-aor-failure-limit limit
default per-aor-failure-limit
default per-aor-failure-limit
default
Sets/restores the default value assigned to the specified command.
limit
Default: 200
Defines the threshold for registration failures based on a calculation using weighted multipliers defined in
auth-failure-weight and bad-request-weight.
auth-failure-weight and bad-request-weight.
limit must be an integer from 5 to 10,000.
Usage Guidelines
Use this command to set a failure limit for registration attempts from an identified AoR. The following
calculation determines when this threshold is reached for a specific AoR:
calculation determines when this threshold is reached for a specific AoR:
Current authorization failures ÷ auth-failure-weight = current failures per AoR
or
Total bad registration requests ÷ bad-request-weight = current failures per AoR
Command Line Interface Reference, Modes C - D, StarOS Release 19
1604
CSCF Security Configuration Mode Commands
per-aor-failure-limit