Random Early Drop
—The
firewall uses an algorithm to progressively start dropping that
type of packet. If the attack continues, the higher the incoming
cps rate (above the
Activate Rate
) gets,
the more packets the firewall drops. The firewall drops packets
until the incoming cps rate reaches the
Max Rate
,
at which point the firewall drops all incoming connections.
Random
Early Drop
(RED) is the default action for
SYN
Flood
, and the only action for
UDP Flood
,
ICMP
Flood
,
ICMPv6 Flood
, and
Other
IP Flood
. RED is more efficient than SYN Cookies and
can handles larger attacks, but doesn’t discern between good and
bad traffic.