Configuring an HTTP DoS service

After you configure an HTTP DoS policy, you must configure a service for your policy. The service accepts HTTP traffic that is protected by the HTTP DoS policy.

Configure an HTTP DoS service by using the CLI

At the command prompt, type one of the following commands to configure an HTTP DoS service and verify the configuration:

add service <name>@ (<IP>@ | <serverName>@) HTTP <port> [-maxClient <positive_integer>] [-maxReq <positive_integer>] -state ENABLED
set service <name>@ (<IP>@ | <serverName>@) HTTP <port> [-maxClient <positive_integer>] [-maxReq <positive_integer>] -state ENABLED

Example:

add service ser-HTTP-Dos1 10.102.29.40 HTTP 87
 Done
set service ser-HTTP-Dos1 -maxReq 20
 Done
show service
1)      srv-http-10 (10.102.29.30:80) - HTTP
        State: DOWN
        Last state change was at Wed Jul  8 07:49:52 2009
        Time since last state change: 34 days, 00:48:18.700
        Server Name: 10.102.29.30
        Server ID : 0   Monitor Threshold : 0
        Max Conn: 0     Max Req: 0      Max Bandwidth: 0 kbits
        Use Source IP: NO
        Client Keepalive(CKA): NO
        Access Down Service: NO
        TCP Buffering(TCPB): NO
        HTTP Compression(CMP): NO
        Idle timeout: Client: 180 sec   Server: 360 sec
        Client IP: DISABLED
        Cacheable: NO
        SC: OFF
        SP: OFF
        Down state flush: ENABLED
         .
         .
         .

5)      ser-HTTP-Dos1 (10.102.29.40:87) - HTTP
        State: DOWN
        Last state change was at Tue Aug 11 08:23:40 2009
        Time since last state change: 0 days, 00:14:30.300
        Server Name: 10.102.29.40
        Server ID : 0   Monitor Threshold : 0
        Max Conn: 0     Max Req: 20     Max Bandwidth: 0 kbits
        Use Source IP: NO
        Client Keepalive(CKA): NO
        Access Down Service: NO
        TCP Buffering(TCPB): NO
        HTTP Compression(CMP): YES
        Idle timeout: Client: 180 sec   Server: 360 sec
        Client IP: DISABLED
        Cacheable: NO
        SC: OFF
        SP: OFF
        Down state flush: ENABLED
 Done

Configure an HTTP DoS service by using the GUI

  1. Navigate to Traffic Management > Load Balancing > Services.
  2. In the details pane, do one of the following:
    • To create a new service, click Add.
    • To modify an existing service, select the service, and then click Open.
  3. In the Create Server or Configure Server dialog box, specify values for the following parameters, which correspond to the descriptions in “Parameters for configuring an HTTP DoS service” as follows (asterisk indicates a required parameter):
    • Service Name*—name (You cannot change the name of an existing service.)
    • Server*—IP or serverName (Specify one or the other, not both.)
    • Port*—port
  4. If the Enable Service check box is not selected, select it.
  5. Select the Advanced tab, and select the Override Global check box to enable those choices.
  6. Specify values for the following parameters.
    • Max Clients*—maxClient
    • Max Requests*—maxReq
  7. Click Create or OK, and then click Close. The service appears in the list of services.

Configuring an HTTP DoS service