According to the admin manual: " Device > Setup > Session ICMPv6 Token Bucket Size Enter the bucket size for rate limiting of ICMPv6 error messages. The token bucket size is a parameter of the token bucket algorithm that controls how bursty the ICMPv6 error packets can be (range 10-65535 packets, default 100). ICMPv6 Error Packet Rate Enter the average number of ICMPv6 error packets per second allowed globally (range 10-65535 packets/sec, default 100). This value applies to all interfaces. " " Network > Network Profiles > Zone Protection Flood Protection Thresholds - ICMPv6 Flood Alarm Rate Enter the number of ICMPv6 echo requests (pings) received per second that triggers an attack alarm. Activate Rate Enter the number of ICMPv6 packets received per second for the zone that causes subsequent ICMPv6 packets to be dropped. Metering stops when the number of ICMPv6 packets drops below the threshold Maximal rate Enter the maximum number of ICMPv6 packets able to be received per second. Any number of packets exceeding the maximum will be dropped. " The stuff in device session only seems to monitor error packets while the stuff in zone protection is echo requests for alarm rate and all icmp packets for activate/maximal rate. So a followup question might be shouldnt the token bucket size always be equal or larger than the error packet rate (since they both act on the same type of packets)? To me the natural setting to display this statistics would be "show counter", but the manual isnt really clear of what all suboptions might bring you. Perhaps "show counter category fpga" could display these values?
... View more