If we have the UDPCONFIG parameter UDPQUEUELIMIT coded, is there any point in using an IDS TR policy for a UDP port?

Question & Answer

Question

In our TCP/IP stack profile, we have coded the UDPQUEUELIMIT parameter on the UDPCONFIG statement to limit the number of incoming UDP datagrams to 2000 for each UDP socket. Is there any point in also coding an Intrusion Detection Sysem (IDS Traffic Regulation (TR) policy for a UDP port?

Answer

UDPQUEUELIMIT sets a limit of 2000 incoming datagrams that is applied to each UDP socket. If you have a UDP application that needs to allow more (or less) datagrams to be queued then a UDP TR policy rule can be configured to specify that a larger (or smaller) queue size should be enforced for that application. The LocalPortRange and optionally the LocalHostAddr are specified to identify the UDP application for which the limit should be applied. UDPQUEUELIMIT would still be in place for any UDP application that did not have a UDP TR rule in place. In general you will want a value of LIMIT for the corresponding IDSAction.

[{"Business Unit":{"code":"BU054","label":"Systems w\/TPS"},"Product":{"code":"SSSN3L","label":"z\/OS Communications Server"},"Platform":[{"code":"PF035","label":"z\/OS"}],"Component":"","Version":"","Line of Business":{"code":"LOB35","label":"Mainframe SW"}}]

Product Synonym

ZOSCS COMMSERVER

Was this topic helpful?

Document Information

Modified date:
15 October 2015

UID

dwa1233450

Tips