Configuring http trl, Configuring http trl client – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual
Page 32
18
ServerIron ADX Security Guide
53-1002440-03
Configuring HTTP TRL
1
•
Rate-limiting functionality must support rate over time and total connections, based on
customer ID.
•
Max-conn currently works only for HTTP1.0.
•
This feature supports http redirect, or drop client response actions once rate-limit has been
exceeded.
•
This feature provides event and threshold alert monitoring and notification, based on specific
customer connection SLAs.
Configuring HTTP TRL
This section describes how to configure the HTTP TRL feature.
NOTE
For traffic going through a VIP, Brocade recommends that you apply the TRL policy to the VIP and
Interface.
Configuring HTTP TRL client
Use the following procedures to configure the HTTP TRL client rate limit and the client maximum
connection.
Configuring HTTP TRL client rate limit
To configure the HTTP TRL client rate limit, follow these steps.
1. Define an HTTP TRL policy.
ServerIronADX(config)# http-trl-policy p1
Syntax: [no] http-trl-policy <policy-name>
2. Configure an HTTP TRL client rate limit.
ServerIronADX(config-http-trl-p1)# client-name c1 monitor-interval 1 10 20 0
Syntax: [no] client-name <client-name> monitor-interval <interval-value> <warning-rate>
<shutdown-rate> <holddown-interval>
For more detailed command information, refer to
3. Configure the action to take if a client exceeds the configured rate limit (optional).
ServerIronADX(config-http-trl-p1)# client-name c1 exceed-action reset
Syntax: [no] client-name <client-name> exceed-action reset
Configuring HTTP TRL client maximum connection
To configure HTTP TRL client maximum connection, follow these steps.
1. Define an HTTP TRL policy.
ServerIronADX(config)# http-trl-policy p1