Brocade Communications Systems 12.4.00a Manual De Usuario
ServerIron ADX Security Guide
7
53-1002440-03
Transaction Rate Limit (TRL)
1
BP utilization threshold
The bp-utilization-threshold command allows you to specify a threshold for BP CPU utilization.
Define this command under the global configuration mode.
Define this command under the global configuration mode.
When the threshold is exceeded, the event is logged and a trap is sent. The log and trap are
rate-limited to one per two minutes.
rate-limited to one per two minutes.
The command takes a percentage string as parameter.
Example
ServerIronADX(config)# bp-utilization-threshold 80.5%
Syntax: bp-utilization-threshold <percentage>
MP utilization threshold
The mp-utilization-threshold command specifies a threshold for BP CPU utilization. Define this
command under the global configuration mode.
command under the global configuration mode.
When the threshold is exceeded, the event is logged and a trap is sent. The log and trap are
rate-limited to one every two minutes.
rate-limited to one every two minutes.
The command takes a percentage string as parameter.
Example
ServerIronADX(config)# mp-utilization-threshold 80.5%
Syntax: mp-utilization-threshold <percentage>
Transaction Rate Limit (TRL)
Transaction Rate Limit, allows the ServerIron ADX to monitor and limit traffic from any one IP
address.
address.
Understanding transaction rate limit
Transaction Rate Limit counts the number of transactions received from any one IP address. If the
transaction count exceeds a specified threshold value, traffic from that IP address is held and not
processed for a specified number of minutes.
transaction count exceeds a specified threshold value, traffic from that IP address is held and not
processed for a specified number of minutes.
Transaction rate limit provides the flexibility to specify different configurations for different clients,
based on the client IP address/prefix.
based on the client IP address/prefix.
Transaction rate limit provides the following benefits:
•
Ability to apply a default transaction rate limit value to all clients, while maintaining an
exception list.
exception list.
•
Ability to apply a different transaction rate limit rate per client IP or prefix.
•
Ability to exclude specific IP addresses or prefixes from transaction rate limit and maintain an
exclude list.
exclude list.
•
Ability to apply transaction rate limit to traffic coming to a specific VIP only.