Configuring transaction rate limit, Prerequisites, Configure transaction rate limit rule set – Brocade Virtual ADX Security Guide (Supporting ADX v03.1.00) User Manual

Page 20

Advertising
background image

8

Brocade Virtual ADX Security Guide

53-1003250-01

Transaction rate limit

1

Ability to apply a default transaction rate limit value to all clients, while maintaining an
exception list.

Ability to apply a different transaction rate limit rate per client IP or prefix.

Ability to exclude specific IP addresses or prefixes from transaction rate limit and maintain an
exclude list.

Ability to apply transaction rate limit to traffic coming to a specific VIP only.

Ability to operate on a per VIP basis, whereby a different rate limit can be applied to traffic
coming to a different VIP.

Setting the system max for the transaction rate limit

To set the system max values for the IPv4 or IPv6 transaction rate limit on a Brocade Virtual ADX,
use the system-max command as follows.

Virtual ADX(config)#system-max trl-limit-v4 10000

Virtual ADX(config)#system-max trl-limit-v6 5000

Syntax: [no] system-max {trl-limit-v4 | trl-limit-v6} limit

The trl-limit-v4 keyword sets the maximum IPv4 transaction rate limit.

The trl-limit-v6 keyword sets the maximum IPv6 transaction rate limit.

The limit variable sets the maximum transation rate limit.

The minimum, maximum and default values for these settings are determined by the license that is
active on your system. For actual values associated with your license, refer to the Brocade Virtual
ADX Licensing Guide.

Configuring transaction rate limit

To enable transaction rate limit, you must configure parameters for each client address/prefix and
apply the transaction rate limit configuration to a specific VIP.

Prerequisites

Before you can configure transaction rate limit, you must configure a virtual server. The following
example shows how to configure a virtual server.

Virtual ADX> enable

Virtual ADX# config terminal

Virtual ADX(config)# server virtual-name-or-ip bwVIP 10.1.1.33

Syntax: [no] server virtual-name-or-ip vip-name-or-address ip address

Configure transaction rate limit rule set

The transaction rate limit parameters are grouped into a set and each set is associated with a
name. To create a set of transaction rate limit rules, follow these steps.

1. Enable privileged EXEC mode.

Virtual ADX> enable

2. Enter global configuration mode.

Advertising
Popular Brands
Popular manuals