Configuring connection limit at the cli, Connection limit configuration task list, Creating a connection limit policy – H3C Technologies H3C SecPath F1000-E User Manual
Page 118: Configuring the connection limit policy
108
Configuring connection limit at the CLI
Connection limit configuration task list
Complete the following tasks to configure connection limiting:
Task Remarks
Creating a connection limit policy
Required
Configuring the connection
limit policy
Configuring an IP address-based
connection limit rule
Required
Applying the connection limit policy
Required
Creating a connection limit policy
A connection limit policy comprises a set of connection limit rules, which define the valid range and
parameters for the policy.
To create a connection limit policy:
Step Command
1.
Enter system view.
system-view
2.
Create a connection limit
policy and enter its view.
connection-limit policy policy-number
Configuring the connection limit policy
A connection limit policy can contain multiple connection limit rules. Each rule defines an object or range
to limit the connections that match the rule. For a connection that does not match the rule, the device
allows the traffic through the connection to pass. The device only supports IP address-based connection
limit rules.
Configuring an IP address-based connection limit rule
The limit rules are matched in ascending order of rule ID. When you configure connection limit rules for
a policy, check the rules and their order carefully. H3C recommends arrange the rules in ascending
order of granularity and range.
To configure an IP address-based connection limit rule:
Step Command
1.
Enter system view.
system-view
2.
Enter connection limit policy
view.
connection-limit policy policy-number