The question about the DDoS Protection

Posted by simon

Hi Dimitri,

From my point, that parameter is 10 as default value on AX. So I think that means our AX as HTTP proxy we can buffer the max out of sequence packages in one tcp connection. I mean the AX received those packages from client as following. the bad guy send those packages which is number from 1,3,5,7,9,… until to 25. AX received all of those packages, then AX keep buffer those pakcages and waiting for the packages of 2,4,6,8, until to 20. Total threshold is 10. if AX find it need retry and waiting for the packages over 10 numbers under one connection. Then AX can drop those buffer packages. Is it right?