
CSM and SYN attack

p.buitelaar
Community Member

Hello,

We did a test initiating a lot of tcp connections (90,000) to the CSM.

The CSM load-balanced the tcp connections evenly across the web-servers, but my http probe took the servers out of service, because it could not get a reply from the webservers.

I don't want to increase the amount of probe retries, because of the increasing detection time in case of a real failure.

Is there any other way to change this behaviour?

Is there any way to limit the incoming tcp connections to the csm on source ip or source mac basis?

Pieter-Jon Buitelaar

1 Reply

Gilles Dufour
Cisco Employee

Pieter,

there is no way to limit traffic per source ip/mac.

What you can try is limit the number of active open connections using the maxconns command under the real server definition.

If you really want to protect your servers and CSM you will need some IDS device sitting in front of the CSM.

Regards,

Gilles.
