Manualshelf

R3303-HP HSR6800 Routers Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP HSR68xx Configure-to-Order Router Solution
431432433434435436437438439440
418
limit 0 source ip 3.3.3.0 24 source-vpn vpn1 destination ip any protocol tcp
max-connections 200 per-source
Table 65 Command output
Field Descri
p
tion
Connection-limit policy Number of the connection limit policy.
refcount 0, 1 limits Number of times that the policy is applied and number of rules in the policy.
limit xxx Rule in the policy. For more information, see the limit command.
Related commands
limit
limit
Use limit to configure an IP address-based connection limit policy rule. Within a connection limit policy,
the criteria of each rule must be unique.
Use undo limit to remove a connection limit policy rule.
Syntax
limit limit-id { source ip { ip-address mask-length | any } [ source-vpn src-vpn-name ] | destination ip
{ ip-address mask-length | any } [ destination-vpn dst-vpn-name ] } * protocol { dns | http | ip | tcp |
udp } max-connections max-num [ per-destination | per-source | per-source-destination ]
undo limit limit-id
Views
Connection limit policy view
Default command level
2: System level
Parameters
limit-id: Specifies the ID of a rule in the connection limit policy, in the range of 0 to 255.
source ip: Specifies the source IP address of the connections to be limited.
ip-address mask-length: Specifies the IP address and its mask length. The mask-length argument is in the
range of 1 to 32.
any: Specifies all IP addresses on the specified network. For example, source ip any specifies all hosts on
the source network.
source-vpn src-vpn-name: Specifies a source MPLS L3VPN to which the connections belong, where
src-vpn-name is a case-sensitive string of 1 to 31 characters. If the connections are in the public network,
do not specify this keyword and argument combination.
destination ip: Specifies the destination IP address of the connections to be limited.
destination-vpn dst-vpn-name: Specifies a destination MPLS L3VPN to which the connections belong,
where dst-vpn-name is a case-sensitive string of 1 to 31 characters. If the connections are in the public
network, do not specify this keyword and argument combination.
protocol: Specifies the protocol of the connections.