Hi,
You can control by tuning the DDOS.
BRAS# set system ddos-protection protocols re-services captive-portal
BRAS> show ddos-protection protocols re-services captive-portal
Currently tracked flows: 0, Total detected flows: 0
* = User configured value
Protocol Group: RE-services
Packet type: captive-portal (Captive portal IPv4 RE services traffic)
Individual policer configuration:
Bandwidth: 20000 pps
Burst: 20000 packets
Priority: Medium
Recover time: 300 seconds
Enabled: Yes
Bypass aggregate: No
Flow detection configuration:
Detection mode: Automatic Detect time: 3 seconds
Log flows: Yes Recover time: 60 seconds
Timeout flows: No Timeout time: 300 seconds
Flow aggregation level configuration:
Aggregation level Detection mode Control mode Flow rate
Subscriber Automatic Drop 10 pps
Logical interface Automatic Drop 10 pps
Physical interface Automatic Drop 20000 pps
System-wide information:
Bandwidth is never violated
Received: 560278539 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 2629 pps
Routing Engine information:
Bandwidth: 20000 pps, Burst: 20000 packets, enabled
Policer is never violated
Received: 560278539 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 2629 pps
Dropped by aggregate policer: 0
FPC slot 2 information:
Bandwidth: 100% (20000 pps), Burst: 100% (20000 packets), enabled
Policer is never violated
Received: 560278539 Arrival rate: 0 pps
Dropped: 0 Max arrival rate: 2629 pps
Dropped by aggregate policer: 0
Dropped by flow suppression: 0
Regards,
Rahul N