Global trl – Brocade Communications Systems ServerIron ADX 12.4.00a User Manual
Page 28

ServerIron ADX Security Guide
53-1002440-03
Transaction Rate Limit (TRL)
Syntax: trl {default | {
monitor-interval
default - Specifies the default transaction rate limit parameter.
exclude - Specifies that the prefix is excluded from transaction rate limiting.
monitor-interval - Specifies the time interval for monitoring, in increments of 100 ms.
conn-rate - Specifies the connection rate.
hold-down-time - Specifies the time for which the source is held down.
Command modes
Global configuration mode.
Global TRL
If TRL per client subnet is not needed, Global TRL can be used to create a configuration to apply to
all the incoming traffic.
Use ip [tcp | udp | icmp] trans-rate to enable TRL on the ServerIron for TCP, UDP, or ICMP traffic. If
more than a specified number of packets per second come from the same IP address over a
specified interval, then all traffic from that IP address is held down for a specified number of
minutes.
Syntax: [no] ip [tcp | udp | icmp] trans-rate monitor-interval
hold-down-time
monitor-interval
specified in increments of 100ms. For example, to measure traffic over a 1 second interval, you
would specify 10 for this.
conn-rate
Traffic exceeding this rate over the specified interval is subject to hold down.
hold-down-time
packets at rate higher than the configured threshold is to be held down.
Example
ServerIronADX(config)# ip tcp trans-rate monitor-interval 600 conn-rate 100 hold-down-time 5
This command configures the ServerIron to monitor incoming TCP traffic. If more than 100 TCP
connections per second arrive from the same IP address over a 60-second interval (600 × 100 ms),
then all TCP traffic from that IP address is held down for 5 minutes.
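To see which sources a given set of thresholds would hold down before deploying it, the behaviour described above can be replayed over recorded connection times. The Python below is an added example, not Brocade code or the ServerIron's own algorithm; the fixed back-to-back windows, the function names, and the constructed sample traffic are assumptions.

```python
from collections import defaultdict

def simulate_trl(events, monitor_interval, conn_rate, hold_down_time):
    """Replay (timestamp_ms, src_ip) events, sorted by time, through a TRL model.

    monitor_interval is in 100 ms units, conn_rate in connections per second,
    hold_down_time in minutes, matching the CLI parameters.
    Assumptions: fixed back-to-back windows, and hold-down starts at the first
    connection that pushes a source over conn_rate * window length.
    """
    window_ms = monitor_interval * 100
    hold_ms = hold_down_time * 60_000
    counters = {}                 # src -> [window index, connections seen]
    held_until = {}               # src -> time (ms) the hold-down ends
    holds = defaultdict(list)     # src -> [(start_ms, end_ms), ...]
    accepted = dropped = 0
    for ts_ms, src in events:
        if ts_ms < held_until.get(src, 0):
            dropped += 1          # source is held down: traffic discarded
            continue
        idx = ts_ms // window_ms
        slot = counters.get(src)
        if slot is None or slot[0] != idx:
            slot = counters[src] = [idx, 0]   # new monitoring window
        slot[1] += 1
        # Integer form of: count / window_seconds > conn_rate
        if slot[1] * 1000 > conn_rate * window_ms:
            held_until[src] = ts_ms + hold_ms
            holds[src].append((ts_ms, ts_ms + hold_ms))
            del counters[src]
            dropped += 1
        else:
            accepted += 1
    return accepted, dropped, dict(holds)

def constant_rate(src, per_second, seconds):
    """Constructed traffic: per_second evenly spaced connections each second."""
    return [(s * 1000 + k * 1000 // per_second, src)
            for s in range(seconds) for k in range(per_second)]

def demo():
    # Constructed sample: two documentation-range sources over two minutes.
    events = sorted(constant_rate("192.0.2.10", 150, 120) +
                    constant_rate("198.51.100.7", 50, 120))
    # Parameters from the manual's example command.
    return simulate_trl(events, monitor_interval=600, conn_rate=100, hold_down_time=5)

if __name__ == "__main__":
    print(demo())
```

With the example command's values, the 150-connections-per-second source is held down from the 40-second mark for 5 minutes, while the 50-connections-per-second source is never affected.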
To apply TRL to TCP traffic coming into port 80 on interface 1/1.