configure dos-protect trusted ports

configure dos-protect trusted-ports [ports [ports | all] | add-ports [ports-to-add | all] | delete-ports [ports-to-delete | all]]

Description

Configures the list of trusted ports.

Syntax Description

ports

Specifies the trusted ports list.

ports-to-add

Specifies the ports to add to the trusted ports list.

all

Specifies all the ports.

ports-to-delete

Specifies the ports to delete from the trusted ports list.

Default

N/A.

Usage Guidelines

Traffic from trusted ports will be ignored when DoS protect counts the packets to the CPU. If we know that a machine connected to a certain port on the switch is a safe "trusted" machine, and we know that we will not get a DoS attack from that machine, the port to which this machine is connected can be configured as a trusted port, even though a large amount of traffic is going through this port.

Example

This example sets the trusted port list to 3:1-3:7:
configure dos-protect trusted-ports ports 3:1-3:7
This example adds the trusted port 3:8 to the current list (use this command with a network administrator machine not connected to the internet that is attached to port 3:8):
configure dos-protect trusted-ports add-ports 3:8

History

This command was first available in ExtremeXOS 11.1.

Platform Availability

This command is available on ExtremeSwitching X435, X440-G2, X450-G2, X460-G2, X465, X590, X620, X670-G2, X690, X695, X870, 5320, 5420, and 5520 series switches.