Table of Contents
Advertisement
HP Switch(config)# show config
Startup configuration:
; J9573A Configuration Editor; Created on release #KA.15.03
; Ver #01:00:01
hostname "HP Switch"
connection-rate-filter sensitivity high
ip access-list connection-rate-filter "17-server"
ignore ip 15.45.50.17 0.0.0.0
exit
module 1 type J9573x
ip routing
snmp-server community "public" Unrestricted
snmp-server host 15.45.200.75 "public"
vlan 1
name "DEFAULT_VLAN"
untagged 1-9, 14-24
ip address 10.10.10.145 255.255.255.0
no untagged 10-13, 21-22
ip proxy-arp
exit
vlan 10
name "VLAN10"
untagged 10-13
no ip address
ip proxy-arp
exit
vlan 15
name "VLAN15"
untagged 21-22
no ip address
ip proxy-arp
ip access-group "17-server" connection-rate-filter
exit
filter connection-rate 14 notify-only
filter connection-rate 10-13 throttle
filter connection-rate 19,21-22 block
Figure 3-10. Example of Switch Configuration Display with a Connection-Rate ACL
Connection-Rate ACL Operating Notes
ACE Types: A connection-rate ACL allows you to configure two types
■
of ACEs (Access Control Entries):
ignore < source-criteria >: This ACE type directs the switch to permit
•
all inbound traffic meeting the configured < source-criteria > without
filtering the traffic through the connection-rate policy configured on
the port through which the traffic entered the switch. For example,
ignore host 15.45.120.70 tells the switch to permit traffic from the host
at 15.45.120.70 without filtering this host's traffic through the connec-
tion-rate policy configured for the port on which the traffic entered
the switch.
Virus Throttling (Connection-Rate Filtering)
Configuring and Applying Connection-Rate ACLs
The new switch configuration
includes the ACL configured in
figure 3-9.
Shows the assignment of the
above connection-rate ACL to
VLAN 15.
3-27
Hide quick links:
Advertisement
Table of Contents
