Cisco Cisco Packet Data Gateway (PDG)
ip source-violation
Sets the parameters for IP source validation. Source validation is useful if packet spoofing is suspected or for
verifying packet routing and labeling within the network.
verifying packet routing and labeling within the network.
Source validation requires the source address of received packets to match the IP address assigned to the
subscriber (either statically or dynamically) during the session.
subscriber (either statically or dynamically) during the session.
Product
PDSN
PDIF
Privilege
Security Administrator, Administrator
Command Modes
Exec > Global Configuration > Context Configuration > PDSN Service Configuration
configure > context context_name > pdsn-service service_name
Entering the above command sequence results in the following prompt:
[
context_name
]
host_name
(config-pdsn-service)#
Syntax Description
ip source-violation
{
clear-on-valid-packet
|
drop-limit num
|
period secs
|
reneg-limit num
}
no ip source-violation clear-on-valid-packet
default ip source-violation
default ip source-violation
{
drop-limit
|
period
|
reneg-limit
}
no
Enables/Disables ip source-violation clear-on-valid-packet.
default
Configure default settings related to ip source-violation.
clear-on-valid-packet
Default: disabled
Configures the service to reset the reneg-limit and drop-limit counters after receipt of a properly addressed
packet.
packet.
drop-limit num
Default: 10
Sets the number of allowed source violations within a detection period before forcing a call disconnect. If
num is not specified, the value is set to the default.
num is not specified, the value is set to the default.
Command Line Interface Reference, Modes I - Q, StarOS Release 19
1567
PDSN Service Configuration Mode Commands
ip source-violation