Management and Configuration Guide K/KA/KB.15.15

usage in the policy enforcement engine is based on how these features are configured on the
switch:
• Resource usage by dynamic port ACLs and VT is determined as follows:
  ◦ Dynamic port ACLs configured by a RADIUS server (with or without the optional IDM
    application) for an authenticated client determine the current resource consumption for
    this feature on a specified slot. When a client session ends, the resources in use for that
    client become available for other uses.
  ◦ A VT configuration (connection-rate filtering) on the switch does not affect switch resources
    unless traffic behavior has triggered either a throttling or blocking action on the traffic
    from one or more clients. When the throttling action ceases or a blocked client is
    unblocked, the resources used for that action are released.
• When the following features are configured globally or per-VLAN, resource usage is applied
  across all port groups or all slots with installed modules:
  ◦ ACLs
  ◦ QoS configurations that use the following commands:
    - QoS device priority (IP address) through the CLI using the qos device-priority
      command
    - QoS application port through the CLI using qos tcp-port or qos udp-port
    - VLAN QoS policies through the CLI using service-policy
  ◦ Management VLAN configuration
  ◦ DHCP snooping
  ◦ Dynamic ARP protection
  ◦ Remote mirroring endpoint configuration
  ◦ Mirror policies per VLAN through the CLI using monitor service
  ◦ Jumbo IP-MTU
• When the following features are configured per-port, resource usage is applied only to the
  slot or port group on which the feature is configured:
  ◦ ACLs or QoS applied per-port or per-user through RADIUS authentication
  ◦ ACLs applied per-port through the CLI using the ip access-group or ipv6
    traffic-filter commands
  ◦ QoS policies applied per port through the CLI using the service-policy command
  ◦ Mirror policies applied per-port through the CLI using the monitor all service and
    service-policy commands
  ◦ ICMP rate-limiting through the CLI using the rate-limit icmp command
  ◦ VT applied to any port (when a high-connection-rate client is being throttled or blocked)
Usage notes for show resources output
• A 1:1 mapping of internal rules to configured policies in the switch does not necessarily exist.
  As a result, displaying current resource usage is the most reliable method for keeping track
  of available resources. Also, because some internal resources are used by multiple features,
  deleting a feature configuration may not increase the amount of available resources.
• Resource usage includes resources actually in use or reserved for future use by the listed
  features.