a10_cgnv6_ddos_protection

Synopsis

Configure CGNV6 DDoS Protection

Parameters

Parameters

Choices/Defaults

Comment

state

str/required

[‘noop’, ‘present’, ‘absent’]

State of the object to be created.

ansible_host

str/required

Host for AXAPI authentication

ansible_username

str/required

Username for AXAPI authentication

ansible_password

str/required

Password for AXAPI authentication

ansible_port

int/required

Port for AXAPI authentication

a10_device_context_id

int

[‘1-8’]

Device ID for aVCS configuration

a10_partition

str

Destination/target partition for object/command

toggle

str

‘enable’= Enable CGNV6 NAT pool DDoS protection (default); ‘disable’= Disable CGNV6 NAT pool DDoS protection;

logging

dict

Field logging

logging_toggle

str

‘enable’= Enable CGNV6 NAT pool DDoS protection logging (default); ‘disable’= Disable CGNV6 NAT pool DDoS protection logging;

packets_per_second

dict

Field packets_per_second

ip

int

Configure packets-per-second threshold per IP(default 3000000)

action

dict

Field action

tcp

int

Configure packets-per-second threshold per TCP port (default= 3000)

udp

int

Configure packets-per-second threshold per UDP port (default= 3000)

other

int

Configure packets-per-second threshold for other L4 protocols(default 10000)

include_existing_session

bool

Count traffic associated with existing session into the packets-per-second (Default= Disabled)

max_hw_entries

int

Configure maximum HW entries

zone

str

Disable NAT IP based on DDoS zone name set in BGP

uuid

str

uuid of the object

sampling_enable

list

Field sampling_enable

counters1

str

‘all’= all; ‘l3_entry_added’= L3 Entry Added; ‘l3_entry_deleted’= L3 Entry Deleted; ‘l3_entry_added_to_bgp’= L3 Entry added to BGP; ‘l3_entry_removed_from_bgp’= Entry removed from BGP; ‘l3_entry_added_to_hw’= L3 Entry added to HW; ‘l3_entry_removed_from_hw’= L3 Entry removed from HW; ‘l3_entry_too_many’= L3 Too many entries; ‘l3_entry_match_drop’= L3 Entry match drop; ‘l3_entry_match_drop_hw’= L3 HW entry match drop; ‘l3_entry_drop_max_hw_exceeded’= L3 Entry Drop due to HW Limit Exceeded; ‘l4_entry_added’= L4 Entry added; ‘l4_entry_deleted’= L4 Entry deleted; ‘l4_entry_added_to_hw’= L4 Entry added to HW; ‘l4_entry_removed_from_hw’= L4 Entry removed from HW; ‘l4_hw_out_of_entries’= HW out of L4 entries; ‘l4_entry_match_drop’= L4 Entry match drop; ‘l4_entry_match_drop_hw’= L4 HW Entry match drop; ‘l4_entry_drop_max_hw_exceeded’= L4 Entry Drop due to HW Limit Exceeded; ‘l4_entry_list_alloc’= L4 Entry list alloc; ‘l4_entry_list_free’= L4 Entry list free; ‘l4_entry_list_alloc_failure’= L4 Entry list alloc failures; ‘ip_node_alloc’= Node alloc; ‘ip_node_free’= Node free; ‘ip_node_alloc_failure’= Node alloc failures; ‘ip_port_block_alloc’= Port block alloc; ‘ip_port_block_free’= Port block free; ‘ip_port_block_alloc_failure’= Port block alloc failure; ‘ip_other_block_alloc’= Other block alloc; ‘ip_other_block_free’= Other block free; ‘ip_other_block_alloc_failure’= Other block alloc failure; ‘entry_added_shadow’= Entry added shadow; ‘entry_invalidated’= Entry invalidated; ‘l3_entry_add_to_bgp_failure’= L3 Entry BGP add failures; ‘l3_entry_remove_from_bgp_failure’= L3 entry BGP remove failures; ‘l3_entry_add_to_hw_failure’= L3 entry HW add failure;

l4_entries

dict

Field l4_entries

uuid

str

uuid of the object

ip_entries

dict

Field ip_entries

uuid

str

uuid of the object

disable_nat_ip_by_bgp

dict

Field disable_nat_ip_by_bgp

uuid

str

uuid of the object

stats

dict

Field stats

l3_entry_added

str

L3 Entry Added

l3_entry_deleted

str

L3 Entry Deleted

l3_entry_added_to_bgp

str

L3 Entry added to BGP

l3_entry_removed_from_bgp

str

Entry removed from BGP

l3_entry_added_to_hw

str

L3 Entry added to HW

l3_entry_removed_from_hw

str

L3 Entry removed from HW

l3_entry_too_many

str

L3 Too many entries

l3_entry_match_drop

str

L3 Entry match drop

l3_entry_match_drop_hw

str

L3 HW entry match drop

l3_entry_drop_max_hw_exceeded

str

L3 Entry Drop due to HW Limit Exceeded

l4_entry_added

str

L4 Entry added

l4_entry_deleted

str

L4 Entry deleted

l4_entry_added_to_hw

str

L4 Entry added to HW

l4_entry_removed_from_hw

str

L4 Entry removed from HW

l4_hw_out_of_entries

str

HW out of L4 entries

l4_entry_match_drop

str

L4 Entry match drop

l4_entry_match_drop_hw

str

L4 HW Entry match drop

l4_entry_drop_max_hw_exceeded

str

L4 Entry Drop due to HW Limit Exceeded

l4_entry_list_alloc

str

L4 Entry list alloc

l4_entry_list_free

str

L4 Entry list free

l4_entry_list_alloc_failure

str

L4 Entry list alloc failures

ip_node_alloc

str

Node alloc

ip_node_free

str

Node free

ip_node_alloc_failure

str

Node alloc failures

ip_port_block_alloc

str

Port block alloc

ip_port_block_free

str

Port block free

ip_port_block_alloc_failure

str

Port block alloc failure

ip_other_block_alloc

str

Other block alloc

ip_other_block_free

str

Other block free

ip_other_block_alloc_failure

str

Other block alloc failure

entry_added_shadow

str

Entry added shadow

entry_invalidated

str

Entry invalidated

l3_entry_add_to_bgp_failure

str

L3 Entry BGP add failures

l3_entry_remove_from_bgp_failure

str

L3 entry BGP remove failures

l3_entry_add_to_hw_failure

str

L3 entry HW add failure

Status

  • This module is not guaranteed to have a backwards compatible interface. [preview]

  • This module is maintained by community.

Authors

  • A10 Networks 2021