HP A-U200 Command Reference Manual page 36

Unified threat management products

http: Specifies connections of the HTTP protocol.
ip: Specifies connections of the IP protocol.
tcp: Specifies connections of the TCP protocol.
udp: Specifies connections of the UDP protocol.
max-connections max-num: Maximum number of connections, in the range of 0 to 1000000.
per-destination: Limits connections by destination address.
per-source: Limits connections by source address.
per-source-destination: Limits connections by source-destination address pair.
Description
Use the limit command to configure an IP address-based connection limit policy rule.
Use the undo limit command to remove a connection limit policy rule.
Any two rules of one policy must have different rule criteria.
The connection limit rules become invalid if the VPN instance with which the rules are associated is
removed.
The connection limit rules in a policy are matched in ascending order of rule ID. If the source addresses,
destination addresses, or protocols in two rules overlap, the first matched rule takes effect.
Therefore, take the match order into consideration when assigning the rule IDs. HP recommends
arranging the rules by limit granularity and limit range in ascending order.
Related commands: connection-limit policy, display connection-limit policy.
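The match-order rule above can be checked offline before rule IDs are assigned. The following is an added example, not part of the HP manual: it parses limit lines in the syntax this page shows, reports rules that a lower-ID rule fully covers, and returns the rule that takes effect for a given connection. The function names and sample rule sets are constructed for illustration; it assumes protocol ip matches every protocol keyword and does not model VPN qualifiers or the per-* options.

```python
import ipaddress
import re

ANY = ipaddress.ip_network("0.0.0.0/0")

def parse_rule(line):
    """Parse one 'limit' line; an omitted or 'any' address means 0.0.0.0/0."""
    rule = {"id": int(re.search(r"\blimit (\d+)", line).group(1)),
            "protocol": re.search(r"\bprotocol (\S+)", line).group(1),
            "max": int(re.search(r"\bmax-connections (\d+)", line).group(1)),
            "source": ANY, "destination": ANY}
    for side in ("source", "destination"):
        m = re.search(rf"\b{side} ip (\S+) (\d+)", line)
        if m:  # "<address> <mask-length>" form; "any" does not match
            rule[side] = ipaddress.ip_network(f"{m.group(1)}/{m.group(2)}", strict=False)
    return rule

def parse_policy(text):
    return [parse_rule(l) for l in text.splitlines() if l.strip().startswith("limit ")]

def covers(a, b):
    """True if everything matched by b is also matched by a."""
    proto_ok = a["protocol"] in ("ip", b["protocol"])  # assumption: 'ip' matches all
    return (proto_ok and b["source"].subnet_of(a["source"])
            and b["destination"].subnet_of(a["destination"]))

def first_match(rules, src, dst, proto):
    """Rule that takes effect for a connection: the lowest matching rule ID."""
    conn = {"source": ipaddress.ip_network(src),
            "destination": ipaddress.ip_network(dst), "protocol": proto}
    return next((r for r in sorted(rules, key=lambda r: r["id"]) if covers(r, conn)), None)

def shadowed(rules):
    """(shadowed_id, by_id) pairs: a higher-ID rule that can never be matched."""
    ordered = sorted(rules, key=lambda r: r["id"])
    return [(b["id"], a["id"]) for i, b in enumerate(ordered)
            for a in ordered[:i] if covers(a, b)]

# Constructed sample: the broad /24 rule has the lower ID, so the host rule is dead.
MISORDERED = """limit 1 source ip 1.1.1.0 24 protocol ip max-connections 200 per-source
limit 2 source ip 1.1.1.1 32 protocol tcp max-connections 50"""
# Same rules, with the narrower rule given the lower ID.
REORDERED = """limit 1 source ip 1.1.1.1 32 protocol tcp max-connections 50
limit 2 source ip 1.1.1.0 24 protocol ip max-connections 200 per-source"""

if __name__ == "__main__":
    for name, text in (("misordered", MISORDERED), ("reordered", REORDERED)):
        rules = parse_policy(text)
        hit = first_match(rules, "1.1.1.1", "9.9.9.9", "tcp")
        print(name, "shadowed:", shadowed(rules), "effective limit:", hit["max"])
```

In the misordered set the host 1.1.1.1 is held to the /24 rule's limit of 200 instead of the intended 50, which is the outcome the ordering recommendation avoids.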
Examples
# Configure connection limit rule 1 for policy 1 to limit TCP connections sourced from 1.1.1.1 with the
upper connection limit of 200.
<Sysname> system-view
[Sysname] connection-limit policy 0
[Sysname-connection-limit-policy-0] limit 1 source ip 1.1.1.1 32 protocol tcp max-connections 200
# Configure connection limit rule 2 to limit UDP connections destined to 2.2.2.2 with the upper
connection limit of 200.
[Sysname-connection-limit-policy-0] limit 2 destination ip 2.2.2.2 32 protocol udp max-connections 200
# Configure connection limit rule 3 to limit IP connections sourced from the segment 1.1.1.0/24 with the
upper connection limit of 200.
[Sysname-connection-limit-policy-0] limit 3 source ip 1.1.1.0 24 protocol ip max-connections 200 per-source
# Configure connection limit rule 4 to limit IP connections destined to the segment 2.2.2.0/24 with the
upper connection limit of 200.
[Sysname-connection-limit-policy-0] limit 4 destination ip 2.2.2.0 24 protocol ip max-connections 200 per-destination
# Configure connection limit rule 5 to limit IP connections from vpn1 to vpn2 with the upper connection
limit of 200.
[Sysname-connection-limit-policy-0] limit 5 source ip any source-vpn vpn1 destination ip any destination-vpn vpn2 protocol ip max-connections 200
