06-15-2003 12:18 PM
Can I disable DoS protection on CSS 11000 ?
My application generates flow, which CSS estimates as DoS and it probably closes this sessions (I see this in statistics).
06-15-2003 12:27 PM
no - you can't disable the dos feature or even tune it.
What is particular about your application ?
Do you have asymetric routing ?
This is often the cause of CSS detecting dos attack.
Gilles.
06-17-2003 10:33 AM
This is not asymmetric routingu problem.
I am sure that, this is application problem , but I have question, how long CSS blocks flow from source, which detected as source DoS?
Krzysztof
08-07-2003 04:10 AM
the CSS does not block.
It just RST the current flow for which it detected the attack.
08-04-2003 08:45 AM
I do have assymetric routing and this DoS detection is killing me. If it cannot be turned off, what is the work-around?
08-05-2003 02:31 AM
Hi Chad,
the only solution to this is avoiding asymetic routing if possible. This can be either done by source-natting VIP traffic via the CSS or pointing the servers-GW/return path for those clientrequests towards the CSS.
All possible solutions for avoiding asymetric routing are depending on the whole setup of the network and not that easy to answer and the above mentioned soltions possibilities are only examples.
Kind Regards,
Joerg
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: