What You’ll Need:
- A Dell Force10 S4810P switch
- A console cable or network access to the switch
- Terminal application (like PuTTY for Windows or Terminal for macOS) or SSH client
Steps:
- Connect to your Dell Force10 S4810P switch: Use a console cable or SSH to connect to your switch. (Refer to the previous tutorials for detailed instructions on how to do this.)
- Enter the configuration mode: At the command line prompt, type `configure` and press Enter.
- Define an Access Control List (ACL) for the IP addresses you want to block: ACLs are used to control network traffic based on various criteria, including IP addresses. Use the `ip access-list extended <ACL-name>` command to create a new ACL. Replace `<ACL-name>` with a name for your ACL. Example: `ip access-list extended BLOCK_DDOS`
- Add entries to your ACL to block the IP addresses: Use the `deny ip host <IP-address> any` command to add entries to your ACL that block specific IP addresses. Replace `<IP-address>` with the IP address you want to block. Example: `deny ip host 192.0.2.1 any`. You can repeat this step to block multiple IP addresses.
- Apply the ACL to an interface: Identify the interface(s) you want to apply the ACL to. For example, to choose Ten Gigabit Ethernet port 0/1, you would use the command `interface TenGigabitEthernet 0/1` and press Enter. Then, apply the ACL to the interface using the `ip access-group <ACL-name> in` command. Example: `ip access-group BLOCK_DDOS in`
- Save your configuration: Once everything is set up to your satisfaction, use the `end` command to exit configuration mode, then `copy running-config startup-config` to save your changes. If you don’t do this, your configuration will be lost when the switch is rebooted.
Blocking IP addresses at the switch level is a potent tool during a DDoS attack. It allows you to prevent traffic from the attacking IPs from entering your network, thus mitigating the impact of the attack.
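
When the block list comes from logs or a feed rather than being typed by hand, it helps to validate every entry before it reaches the switch. The following is an added example, not part of the original tutorial: it builds the command sequence from the steps above for a list of addresses. The function name, the `never_block` safety list, and the name and interface patterns are assumptions made for this sketch.

```python
import ipaddress
import re

# Assumption: conservative patterns for this example, not the switch's full grammar.
ACL_NAME_RE = re.compile(r"[A-Za-z][A-Za-z0-9_-]{0,30}")
INTERFACE_RE = re.compile(r"TenGigabitEthernet \d+/\d+")


def build_block_acl(acl_name, interface, sources, never_block=()):
    """Return the CLI lines from the steps above, one deny entry per source IP.

    never_block is a hypothetical safety list of CIDR strings (for example
    the management network) that must never end up in a deny entry.
    """
    if not ACL_NAME_RE.fullmatch(acl_name):
        raise ValueError(f"unsafe ACL name: {acl_name!r}")
    if not INTERFACE_RE.fullmatch(interface):
        raise ValueError(f"unexpected interface: {interface!r}")
    protected = [ipaddress.ip_network(n) for n in never_block]

    hosts = []
    for raw in sources:
        # IPv4Address accepts only a plain dotted quad, so a feed entry
        # cannot carry extra CLI text into the generated configuration.
        ip = ipaddress.IPv4Address(raw.strip())
        if any(ip in net for net in protected):
            raise ValueError(f"{ip} is inside a protected network")
        if ip not in hosts:  # drop duplicates, keep first-seen order
            hosts.append(ip)
    if not hosts:
        raise ValueError("no addresses to block")

    lines = ["configure", f"ip access-list extended {acl_name}"]
    lines += [f"deny ip host {ip} any" for ip in hosts]
    lines += [
        f"interface {interface}",
        f"ip access-group {acl_name} in",
        "end",
        "copy running-config startup-config",
    ]
    return lines


if __name__ == "__main__":
    # Constructed sample input using documentation address ranges.
    feed = ["192.0.2.1", "198.51.100.7", "192.0.2.1 "]
    print("\n".join(build_block_acl("BLOCK_DDOS", "TenGigabitEthernet 0/1",
                                    feed, never_block=["203.0.113.0/24"])))
```

Review the printed lines before pasting them into the switch session.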