This topic has been marked solved and closed to new posts due to inactivity. We hope you'll join the conversation by posting to an open topic or starting a new one.
We have two behavior of DoS function. 1. Auto-DoS = Enable, Denial of Service list = Enable Switch will disable port automatically when specific packets received and also match in Denial of Service list. 2. Auto-DoS = Disable, Denial of Service list = Enable Switch will drop the packets when specific packets received and also match in Denial of Service list.
So i have some suggestion that may help you figure out the root cause.
If you want to keep port status linkup not disable. Please change Auto-DoS configuration = Disable. Then manual selected the rule you want in Denial of Service list.
(except DoS TCP port + DoS UDP Port)
If you want to disable port when DoS condition work. Please find following step: 1. Disable one rule of Denial of Service. 2. Monitor every port status that will be disabled or not. 3. Disable another rule of Denial of Service. 4. Monitor every port status that will be disabled or not. 5. Repeat above step to check which rule work in Denial of Service list. 6. Check network environment to clean the harmful device.
As we know, NETGEAR smart switches have some automatic disable function when ports meet the conditions. So could you please check following feature enabled on your Switch?
1. Denial of Service Auto-DoS Configuration 2. DHCP Snooping 3. Storm Control 4. Port Security 5. Any loop in your network?
1. Denial of Service = DoS TCP header = 20 / DoS ICMPv4 enabled / max ICMPv4 512 / DoS ICMPv6 enabled / max ICMPv6 512 / all options enabled except DoS TCP port + DoS UDP Port Auto-DoS Configuration = Enabled 2. DHCP Snooping = disabled 3. Storm Control = Ingress control = disabled 4. Port Security = disabled 5. Any loop in your network? = No, have repatched whole switch to be sure.
We have two behavior of DoS function. 1. Auto-DoS = Enable, Denial of Service list = Enable Switch will disable port automatically when specific packets received and also match in Denial of Service list. 2. Auto-DoS = Disable, Denial of Service list = Enable Switch will drop the packets when specific packets received and also match in Denial of Service list.
So i have some suggestion that may help you figure out the root cause.
If you want to keep port status linkup not disable. Please change Auto-DoS configuration = Disable. Then manual selected the rule you want in Denial of Service list.
(except DoS TCP port + DoS UDP Port)
If you want to disable port when DoS condition work. Please find following step: 1. Disable one rule of Denial of Service. 2. Monitor every port status that will be disabled or not. 3. Disable another rule of Denial of Service. 4. Monitor every port status that will be disabled or not. 5. Repeat above step to check which rule work in Denial of Service list. 6. Check network environment to clean the harmful device.
