This is a warning alarm generated because the "Inbound Rate Limit Discarded ICMPv6 Packets/sec" counter (under the object "IPSec DOS Protection" in the performance monitor tool) exceeded a defined threshold. "Inbound Rate Limit Discarded ICMPv6 Packets/sec" is the rate at which ICMPv6 packets are received on a public interface and discarded because they exceeded the rate limit for ICMPv6 packets per second. This alarm is cleared when the counter returns to healthy levels.
This is a warning alarm generated because the "Inbound Rate Limit Discarded ICMPv6 Packets/sec" counter (under the object "IPSec DOS Protection" in the performance monitor tool) exceeded a defined threshold. "Inbound Rate Limit Discarded ICMPv6 Packets/sec" is the rate at which ICMPv6 packets are received on a public interface and discarded because they exceeded the rate limit for ICMPv6 packets per second. ICMPv6 Echo Request and Reply messages are used to determine the closest Teredo relay that can be used to communicate with an IPv6 host. This alarm is cleared when the counter returns to healthy levels.
Monitor the server for signs of a spoofing attack. If an attack is not discovered, raise the threshold setting for this counter to prevent false alarms.
| Target | Network_Security_Class |
| Parent Monitor | System.Health.PerformanceState |
| Category | PerformanceHealth |
| Enabled | True |
| Instance Name | IPsec DoS Protection |
| Counter Name | Inbound Rate Limit Discarded ICMPv6 Packets/sec |
| Frequency | 300 |
| Alert Generate | False |
| Alert Auto Resolve | True |
| Monitor Type | System.Performance.ConsecutiveSamplesThreshold |
| Remotable | True |
| Accessibility | Public |
| RunAs | Default |
Home
<UnitMonitor ID="Network_Security_ICMPQueueOverflow_Warning" Accessibility="Public" Enabled="true" Target="Network_Security_Class" ParentMonitorID="Health!System.Health.PerformanceState" Remotable="true" Priority="Normal" TypeID="Performance!System.Performance.ConsecutiveSamplesThreshold" ConfirmDelivery="false">
<Category>PerformanceHealth</Category>
<OperationalStates>
<OperationalState ID="ConditionFalse" MonitorTypeStateID="ConditionFalse" HealthState="Success"/>
<OperationalState ID="ConditionTrue" MonitorTypeStateID="ConditionTrue" HealthState="Warning"/>
</OperationalStates>
<Configuration>
<ComputerName>$Target/Host/Host/Host/Property[Type="Windows!Microsoft.Windows.Computer"]/NetworkName$</ComputerName>
<CounterName>Inbound Rate Limit Discarded ICMPv6 Packets/sec</CounterName>
<ObjectName>IPsec DoS Protection</ObjectName>
<InstanceName/>
<AllInstances>false</AllInstances>
<Frequency>300</Frequency>
<Threshold>20</Threshold>
<Direction>greater</Direction>
<NumSamples>5</NumSamples>
</Configuration>
</UnitMonitor>