.. _fw_ddos_protection:

fw ddos-protection
==================

Configure FW DDoS Protection


ddos-protection Specification
-----------------------------

	===================================== ===========================================================
	===================================== ===========================================================
	 **Type**                              *Configuration Resource*

	 **Element Name**                      ddos-protection

	 **Element URI**                       /axapi/v3/fw/ddos-protection

	 **Element Attributes**                ddos-protection_attributes

	 **Statistics Data URI**               /axapi/v3/fw/ddos-protection/stats

	 **Operational Data URI**              /axapi/v3/fw/ddos-protection/oper

	 **Schema**                             :download:`ddos-protection schema <fw-ddos-protection/fw-ddos-protection.txt>`
	===================================== ===========================================================





	**Operations Allowed:**




.. raw:: html

   <script type="text/javascript">
 function showExample(a,b) { document.getElementById(a+'_div').style.display = 'block'; document.getElementById(a+'_cl').style.display = 'block'; document.getElementById(a+'_eg').style.display = 'none';}
   function closeExample(a,b) { document.getElementById(a+'_div').style.display = 'none'; document.getElementById(a+'_cl').style.display = 'none'; document.getElementById(a+'_eg').style.display = 'block';}
 </script>
   <table width='90%' style='margin-left:5%'>



.. raw:: html

   <tr style='border-bottom: thin solid; border-top: thin solid'><th width=15%>Operation</th><th width=10%>Method</th><th>URI</th><th width=15%>Payload</th><th width=10%></th></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Create Object



.. raw:: html

   </td><td valign = 'top'>


POST



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/fw/ddos-protection



.. raw:: html

   </td><td valign = 'top'>


:ref:`788_ddos-protection_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Get Object



.. raw:: html

   </td><td valign = 'top'>


GET



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/fw/ddos-protection



.. raw:: html

   </td><td valign = 'top'>


:ref:`788_ddos-protection_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Modify Object



.. raw:: html

   </td><td valign = 'top'>


POST



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/fw/ddos-protection



.. raw:: html

   </td><td valign = 'top'>


:ref:`788_ddos-protection_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   <tr  style='border-bottom: thin solid;'><td valign = 'top'>


Delete Object



.. raw:: html

   </td><td valign = 'top'>


DELETE



.. raw:: html

   </td><td valign = 'top'>


/axapi/v3/fw/ddos-protection



.. raw:: html

   </td><td valign = 'top'>


:ref:`788_ddos-protection_attributes`



.. raw:: html

   </td><td></td></tr>




.. raw:: html

   </table>

.. _788_ddos-protection_attributes:

ddos-protection attributes
--------------------------

    **action**

        **Description:** action is a **JSON Block**.  Please see below for :ref:`788_action` 

        **Type:** Object

    **logging**

        **Description:** logging is a **JSON Block**.  Please see below for :ref:`788_logging` 

        **Type:** Object

    **sampling-enable**

        **Type:** List

    **uuid**

        **Description** uuid of the object

        **Type:** string

        **Maximum Length:** 64 characters

        **Maximum Length:** 1 characters

.. _788_action:

action
^^^^^^
	=============================== ===================================================
	**Specification**
	=============================== ===================================================
	 **Type**                        *object*

	=============================== ===================================================

    **action-type**

        **Description** 'drop': Log, and drop all packets (default); 'redistribute-route': Log, Drop, and Notify upstream router to reroute the packets; 

        **Type:** string

        **Supported Values:** drop, redistribute-route

        **Default:** drop

    **expiration**

        **Description** To specify time in minutes to revert the action (Expiration time, in minutes (default is 5 mins))

        **Type:** number

        **Range:** 2-144000

        **Default:** 5

    **expiration-route**

        **Description** To specify time in minutes to revert the action (Expiration time, in minutes (default is 60 mins))

        **Type:** number

        **Range:** 2-144000

        **Default:** 60

    **remove-wait-timer**

        **Description** Max time to wait before removing IP from blackhole (Max value in seconds (default 300))

        **Type:** number

        **Range:** 0-300

        **Default:** 300

    **route-map**

        **Description** Route map name

        **Type:** string

        **Maximum Length:** 128 characters

        **Maximum Length:** 1 characters

    **timer-multiply-max**

        **Description** To specify max value of timer multiplier for attacks lasted long time (Max value of timer multiplier (default is 6))

        **Type:** number

        **Range:** 1-100

        **Default:** 6

.. _788_sampling-enable:

sampling-enable
^^^^^^^^^^^^^^^
	=============================== ===================================================
	**Specification**
	=============================== ===================================================
	 **Type**                        *list*

	 **Block object keys**             

	=============================== ===================================================

    **counters1**

        **Description** 'all': all; 'ddos_entries_too_many': Too many DDOS entries; 'ddos_entry_added': DDOS entry added; 'ddos_entry_removed': DDOS entry removed; 'ddos_entry_added_to_bgp': DDoS Entry added to BGP; 'ddos_entry_removed_from_bgp': DDoS Entry Removed from BGP; 'ddos_entry_add_to_bgp_failure': DDoS Entry BGP add failures; 'ddos_entry_remove_from_bgp_failure': DDOS entry BGP remove failures; 'ddos_packet_dropped': DDOS Packet Drop; 

        **Type:** string

        **Supported Values:** all, ddos_entries_too_many, ddos_entry_added, ddos_entry_removed, ddos_entry_added_to_bgp, ddos_entry_removed_from_bgp, ddos_entry_add_to_bgp_failure, ddos_entry_remove_from_bgp_failure, ddos_packet_dropped

.. _788_logging:

logging
^^^^^^^
	=============================== ===================================================
	**Specification**
	=============================== ===================================================
	 **Type**                        *object*

	=============================== ===================================================

    **enable-action**

        **Description** 'local': Enable local logs only; 'remote': Enable logging to remote server & IPFIX; 'both': Enable both local & remote logs; 

        **Type:** string

        **Supported Values:** local, remote, both

        **Default:** local

    **logging-action**

        **Description** 'enable': enable FW DDoS protection logging; 'disable': Disable both local & remote FW DDoS protection logging; 

        **Type:** string

        **Supported Values:** enable, disable

        **Default:** enable

.. _788_stats_data:

stats data
----------
.. list-table::
   :widths: 10 20 30 80
   :header-rows: 2
   :stub-columns: 1

   *  - 
      - Counter
      - Size
      - Description

   *  - 
      - 
      - 
      - 

   *  - 
      - ddos_entry_remove_from_bgp_failure
      - 8
      - DDOS entry BGP remove failures

   *  - 
      - ddos_entry_added
      - 8
      - DDOS entry added

   *  - 
      - ddos_entry_added_to_bgp
      - 8
      - DDoS Entry added to BGP

   *  - 
      - ddos_entry_removed_from_bgp
      - 8
      - DDoS Entry Removed from BGP

   *  - 
      - ddos_packet_dropped
      - 8
      - DDOS Packet Drop

   *  - 
      - ddos_entries_too_many
      - 8
      - Too many DDOS entries

   *  - 
      - ddos_entry_removed
      - 8
      - DDOS entry removed

   *  - 
      - ddos_entry_add_to_bgp_failure
      - 8
      - DDoS Entry BGP add failures

.. _788_oper_data:

operational data
----------------
.. list-table::
   :widths: 10 20 30 80
   :header-rows: 2
   :stub-columns: 1

   *  - 
      - Counter
      - Size
      - Description

   *  - 
      - 
      - 
      - 

   *  - 
      - entries-list
      - 
      - entries-list

   *  - 
      - v4-netmask
      - ipv4-netmask-brief
      - v4-netmask

   *  - 
      - v4-address
      - ipv4-address
      - v4-address

   *  - 
      - v6-prefix
      - ipv6-address-plen
      - v6-prefix

   *  - 
      - details
      - flag
      - details