Configure a transaction rate limit default – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual

ServerIron ADX Security Guide

9

53-1002440-03

Transaction Rate Limit (TRL)

1

1. Enable privileged EXEC mode.

ServerIronADX> enable

2. Enter global configuration mode.

ServerIronADX# configure terminal

3. Specify the name of the transaction rate limit rule set and enter client transaction rate limit

configuration mode.

ServerIronADX(config)# client-trans-rate-limit tcp TRL1

Syntax: [no] client-trans-rate-limit tcp | udp | icmp <name>

4. Specify the trl parameter for the client subnet and the exclude keyword.

For IPv4:

ServerIronADX(config-client-trl-TRL1)# trl 100.1.1.0 255.255.255.0 exclude

For IPv6:

ServerIronADX(config-client-trl-TRL1)# trl 300::1/128 exclude

Syntax: [no] trl { <client-IPv4> <client-mask> | <client-IPv6> <prefix> } exclude

Configure a transaction rate limit default

You can specify a default transaction rate limit configuration for all other clients that are not
explicitly configured. To create a transaction rate limit default for a group, follow these steps.

1. Enable privileged EXEC mode.

ServerIronADX> enable

2. Enter global configuration mode.

ServerIronADX# configure terminal

3. Specify name of transaction rate limit rule set and enter client transaction rate limit

configuration mode.

ServerIronADX(config)# client-trans-rate-limit tcp TRL1

Syntax: [no] client-trans-rate-limit tcp | udp | icmp <name>

4. Specify the default trl parameter for this group.

ServerIronADX(config-client-trl)# trl default monitor-interval 3 conn-rate 10

hold-down-time 1

Syntax: [no] trl default monitor-interval <mon-value> conn-rate <con-value> hold-down-time

<hold-down-value>