This command enables L4 Port Denial of Service protections. If the mode is enabled, Denial of Service prevention is active for this type of attack. If packets ingress having Source TCP/UDP Port Number equal to Destination TCP/UDP Port Number, the packets will be dropped if the mode is enabled.
Note
Some applications mirror source and destination L4 ports - RIP (Routing Information Protocol) for example uses 520 for both. If you enable dos-control l4port, applications such as RIP may experience packet loss which would render the application inoperable.Default | Disabled |
Format | dos-control l4port |
Mode | Global Config |