Random Early Drop—The firewall uses an algorithm to progressively start dropping that type of packet. If the attack continues, the higher the incoming cps rate (above the Activate Rate) gets, the more packets the firewall drops. The firewall drops packets until the incoming cps rate reaches the Max Rate, at which point the firewall drops all incoming connections. Random Early Drop (RED) is the default action for SYN Flood, and the only action for UDP Flood, ICMP Flood, ICMPv6 Flood, and Other IP Flood. RED is more efficient than SYN Cookies and can handle larger attacks, but doesn’t discern between good and bad traffic.
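
A small model of the behaviour described above, added here as an illustration and not taken from the vendor's documentation or code. It assumes the drop probability rises linearly from 0 at the Activate Rate to 1 at the Max Rate (the page does not state the actual curve); the rates and traffic mix are constructed values.

```python
import random

def red_drop_probability(cps, activate_rate, max_rate):
    """Assumed linear ramp: nothing dropped at or below Activate Rate,
    everything dropped at or above Max Rate."""
    if cps <= activate_rate:
        return 0.0
    if cps >= max_rate:
        return 1.0
    return (cps - activate_rate) / (max_rate - activate_rate)

def simulate_second(legit, attack, activate_rate, max_rate, rng):
    """Apply RED to one second of mixed new connections.

    RED only sees the aggregate rate, so legitimate and attack
    connections face the same drop probability.
    Returns (legit_dropped, attack_dropped).
    """
    p = red_drop_probability(legit + attack, activate_rate, max_rate)
    legit_dropped = sum(rng.random() < p for _ in range(legit))
    attack_dropped = sum(rng.random() < p for _ in range(attack))
    return legit_dropped, attack_dropped

if __name__ == "__main__":
    # Constructed thresholds and traffic mix, for illustration only.
    ACTIVATE, MAX = 10_000, 40_000
    LEGIT = 1_000
    rng = random.Random(1)
    print("total_cps  drop_p  legit_lost  attack_lost")
    for attack in (0, 9_000, 14_000, 24_000, 39_000):
        total = LEGIT + attack
        p = red_drop_probability(total, ACTIVATE, MAX)
        ld, ad = simulate_second(LEGIT, attack, ACTIVATE, MAX, rng)
        print(f"{total:9d}  {p:6.2f}  {ld:10d}  {ad:11d}")
```

The legitimate-loss column tracks the drop probability regardless of how much of the traffic is hostile, which is why the Activate Rate and Max Rate need to be set from a measured baseline of normal cps.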