configure dos-protect trusted ports

configure dos-protect trusted-ports [ports [ports | all] | add-ports [ports-to-add | all] | delete-ports [ports-to-delete | all]]


Configures the list of trusted ports.

Syntax Description


Specifies the trusted ports list.


Specifies the ports to add to the trusted ports list.


Specifies all the ports.


Specifies the ports to delete from the trusted ports list.



Usage Guidelines

Traffic from trusted ports will be ignored when DoS protect counts the packets to the CPU. If we know that a machine connected to a certain port on the switch is a safe "trusted" machine, and we know that we will not get a DoS attack from that machine, the port to which this machine is connected can be configured as a trusted port, even though a large amount of traffic is going through this port.


This example sets the trusted port list to 3:1-3:7:
configure dos-protect trusted-ports ports 3:1-3:7
This example adds the trusted port 3:8 to the current list (use this command with a network administrator machine not connected to the internet that is attached to port 3:8):
configure dos-protect trusted-ports add-ports 3:8


This command was first available in ExtremeXOS 11.1.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X695, X870, 5320, 5420, and 5520 series switches.