fw ddos-protection

Configure FW DDoS Protection

ddos-protection Specification

Type	Configuration Resource
Element Name	ddos-protection
Element URI	/axapi/v3/fw/ddos-protection
Element Attributes	ddos-protection_attributes
Statistics Data URI	/axapi/v3/fw/ddos-protection/stats
Operational Data URI	/axapi/v3/fw/ddos-protection/oper
Schema	ddos-protection schema

Operations Allowed:

Operation	Method	URI	Payload
Create Object	POST	/axapi/v3/fw/ddos-protection	ddos-protection attributes
Get Object	GET	/axapi/v3/fw/ddos-protection	ddos-protection attributes
Modify Object	POST	/axapi/v3/fw/ddos-protection	ddos-protection attributes
Delete Object	DELETE	/axapi/v3/fw/ddos-protection	ddos-protection attributes

ddos-protection attributes

action

Description: action is a JSON Block. Please see below for action

Type: Object

logging

Description: logging is a JSON Block. Please see below for logging

Type: Object

uuid

Description uuid of the object

Type: string

Maximum Length: 64 characters

Maximum Length: 1 characters

action

Specification
Type	object

action-type

Description ‘drop’: Log, and drop all packets (default); ‘redistribute-route’: Log, Drop, and Notify upstream router to reroute the packets;

Type: string

Supported Values: drop, redistribute-route

Default: drop

expiration

Description To specify time in minutes to revert the action (Expiration time, in minutes (default is 5 mins))

Type: number

Range: 2-144000

Default: 5

expiration-route

Description To specify time in minutes to revert the action (Expiration time, in minutes (default is 60 mins))

Type: number

Range: 2-144000

Default: 60

remove-wait-timer

Description Max time to wait before removing IP from blackhole (Max value in seconds (default 300))

Type: number

Range: 0-300

Default: 300

route-map

Description Route map name

Type: string

Maximum Length: 128 characters

Maximum Length: 1 characters

timer-multiply-max

Description To specify max value of timer multiplier for attacks lasted long time (Max value of timer multiplier (default is 6))

Type: number

Range: 1-100

Default: 6

logging

Specification
Type	object

enable-action

Description ‘local’: Enable local logs only; ‘remote’: Enable logging to remote server & IPFIX; ‘both’: Enable both local & remote logs;

Type: string

Supported Values: local, remote, both

Default: local

logging-action

Description ‘enable’: enable FW DDoS protection logging; ‘disable’: Disable both local & remote FW DDoS protection logging;

Type: string

Supported Values: enable, disable

Default: enable

stats data

	Counter	Size	Description
	ddos_entry_remove_from_bgp_failure	8	DDOS entry BGP remove failures
	ddos_entry_added	8	DDOS entry added
	ddos_entry_added_to_bgp	8	DDoS Entry added to BGP
	ddos_entry_removed_from_bgp	8	DDoS Entry Removed from BGP
	ddos_packet_dropped	8	DDOS Packet Drop
	ddos_entries_too_many	8	Too many DDOS entries
	ddos_entry_removed	8	DDOS entry removed
	ddos_entry_add_to_bgp_failure	8	DDoS Entry BGP add failures

operational data

	Counter	Size	Description
	entries-list		entries-list
	v4-netmask	ipv4-netmask-brief	v4-netmask
	v4-address	ipv4-address	v4-address
	v6-prefix	ipv6-address-plen	v6-prefix
	details	flag	details