Cisco Cisco Packet Data Gateway (PDG) Folheto
PDSN Service Configuration Mode Commands
▀ ip source-violation
▄ Cisco ASR 5x00 Command Line Interface Reference
7536
ip source-violation
Sets the parameters for IP source validation. Source validation is useful if packet spoofing is suspected or for verifying
packet routing and labeling within the network.
packet routing and labeling within the network.
Source validation requires the source address of received packets to match the IP address assigned to the subscriber
(either statically or dynamically) during the session.
(either statically or dynamically) during the session.
Product
PDSN
PDIF
Privilege
Security Administrator, Administrator
Mode
Exec > Global Configuration > Context Configuration > PDSN Service Configuration
configure > context context_name > pdsn-service service_name
Entering the above command sequence results in the following prompt:
[context_name]host_name(config-pdsn-service)#
Syntax
ip source-violation { clear-on-valid-packet | drop-limit num | period secs | reneg-limit
num }
num }
no ip source-violation clear-on-valid-packet
defaultip source-violation { drop-limit | period | reneg-limit }
no
Enables/Disables
ip source-violation clear-on-valid-packet
.
default
Configure default settings related to
ip source-violation
.
clear-on-valid-packet
Default: disabled
Configures the service to reset the reneg-limit and drop-limit counters after receipt of a properly addressed
packet.
Configures the service to reset the reneg-limit and drop-limit counters after receipt of a properly addressed
packet.
drop-limit
num
Default:
10
Sets the number of allowed source violations within a detection period before forcing a call disconnect. If
num
is not specified, the value is set to the default.
num
can be any integer value from
1
to
1000000
.
period
secs
Default:
120