display attack-defense flood statistics ipv6
Use display attack-defense flood statistics ipv6 to display IPv6 flood attack detection and prevention statistics.
Syntax
In standalone mode:
display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-flood | syn-ack-flood | udp-flood } statistics ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ [ local ] [ slot slot-number ] ] [ count ]
In IRF mode:
display attack-defense { ack-flood | dns-flood | fin-flood | flood | http-flood | icmpv6-flood | rst-flood | syn-flood | syn-ack-flood | udp-flood } statistics ipv6 [ ipv6-address [ vpn vpn-instance-name ] ] [ [ local ] [ chassis chassis-number slot slot-number ] ] [ count ]
Views
Any view
Predefined user roles
network-admin
network-operator
mdc-admin
mdc-operator
Parameters
ack-flood: Specifies ACK flood attack.
dns-flood: Specifies DNS flood attack.
fin-flood: Specifies FIN flood attack.
flood: Specifies all IPv6 flood attacks.
http-flood: Specifies HTTP flood attack.
icmpv6-flood: Specifies ICMPv6 flood attack.
rst-flood: Specifies RST flood attack.
syn-ack-flood: Specifies SYN-ACK flood attack.
syn-flood: Specifies SYN flood attack.
udp-flood: Specifies UDP flood attack.
ipv6-address: Specifies a protected IPv6 address. If you do not specify an IPv6 address, this command displays flood attack detection and prevention statistics for all protected IPv6 addresses.
vpn-instance vpn-instance-name: Specifies the MPLS L3VPN instance to which the protected IPv6 address belongs. The vpn-instance-name argument is a case-sensitive string of 1 to 31 characters. Do not specify this option if the protected IPv6 address is on the public network.
local: Specifies the device.
slot slot-number: Specifies a card by its slot number. This option is available only when you specify the device. If you do not specify a card, this command displays IPv6 flood attack detection and prevention statistics for all cards. (In standalone mode.)
chassis chassis-number slot slot-number: Specifies a card on an IRF member device. The chassis-number argument represents the member ID of the IRF member device. The slot-number argument represents the slot number of the card. This option is available only when you specify the device. If you do not specify a card, this command displays IPv6 flood attack detection and prevention statistics for all cards. (In IRF mode.)
count: Displays the number of matching protected IPv6 addresses.
Usage guidelines
The device collects statistics about protected IP addresses for flood attack detection and prevention. The attackers' IP addresses are not recorded.
Examples
# (In standalone mode.) Display all IPv6 flood attack detection and prevention statistics.
<Sysname> display attack-defense flood statistics ipv6 Slot 1: IPv6 address VPN Detected on Detect type State PPS Dropped 1::4 -- Local ACK-FLOOD Normal 1000 111111111 1::5 -- Local SYN-FLOOD Normal 1000 22222222 Slot 2: IPv6 address VPN Detected on Detect type State PPS Dropped 1::6 -- Local DNS-FLOOD Normal 1000 12569985
# (In standalone mode.) Display the number of IPv6 addresses that are protected against flood attacks.
<Sysname> display attack-defense flood statistics ipv6 count Slot 1: Totally 2 flood entries. Slot 2: Totally 1 flood entries.
Table 70: Command output
Field | Description |
---|---|
IPv6 address | Protected IPv6 address. |
VPN | MPLS L3VPN instance to which the protected IPv6 address belongs. If the protected IPv6 address is on the public network, this field displays hyphens (--). |
Detected on | Where the attack is detected: the device (Local). |
Detect type | Type of the detected flood attack. |
State | Whether the device is attacked:
|
PPS | Number of packets sent to the IPv6 address per second. |
Dropped | Number of attack packets dropped by the device. |
Totally 2 flood entries | Total number of IPv6 addresses that are protected. |