Nortel Web OS Switch Software Application Manual page 181

3. Set the timewin parameter and calculate the total time window in seconds.
>> # /cfg/slb/adv/timewin 3
The total time window is a multiple of fastage (for information on fastage, see the Con-
figuration chapter in the Web OS 10.0 Command Reference). The total time window is calcu-
lated with the following equation:
Total Time window = timewin x fastage
If the default value for fastage is 1 second, then the configured total time window is 3 sec-
onds.
N
OTE
over a specified time window is 30 TCP connections for every 3 seconds (or 10 TCP connec-
tions per second).
For a small site, 30 TCP connections per second provides a good indication if your site is being
attacked. The default is 100 TCP connections per second. For larger sites, TCP rate limit
greater than 2550 connection per second indicates the possibility that your switch is under
attack.
4. Set the holddur parameter and calculate the hold down time in minutes.
>> # /cfg/slb/adv/holddur 2
The hold down time is a multiple of slowage (for information on slowage, see the Config-
uration chapter in the Web OS 10.0 Command Reference). The hold down time is calculated
with the following equation:
Hold down time = holddur x slowage
If slowage is set to the default value of 0 (2 minutes), then the configured value for hold
down time is
Hold down time = 2 x 2 = 4 minutes
If a client exceeds the TCP rate limit, then the client is not allowed to make any new TCP con-
nections for 4 minutes.
The following two configuration examples illustrate how to use TCP rate limiting to limit user
access based on source IP address and virtual IP address.
212777-A, February 2002
–
From Step 2 and 3, the TCP rate limit defined as the maximum number of connections
Web OS 10.0 Application Guide
(Set the time window)
(Set the hold duration)
Chapter 7: Filtering
n
181