R3204P16-HP Load Balancing Module Security Configuration Guide-6PW101
174
Connection limit configuration
NOTE:
The LB module supports the connection limit configuration only at the CLI.
Connection limit overview
An internal user that initiates a large quantity of connections to external networks in a short period of time
occupies large amounts of system resources of the device, making other users unable to access network
resources normally. An internal server that receives large numbers of connection requests within a short
time cannot process them in time or accept other normal connection requests. To avoid such situations,
you can configure a connection limit policy to collect statistics on and limit the number of connections.
Connection limit configuration task list
Complete the following tasks to configure connection limiting:
Task Remarks
Creating a connection limit policy Required
Configuring an IP address-based connection limit rule Required
Applying the connection limit policy Required
Creating a connection limit policy
A connection limit policy comprises a set of connection limit rules, which define the valid range and
parameters for the policy.
Follow these steps to create a connection limit policy:
To do… Use the command…
Remarks
Enter system view system-view —
Create a connection limit policy
and enter its view
connection-limit policy
policy-number
Required
Configuring the connection limit policy
A connection limit policy contains one or more connection limit rules, each specifying an object or range
for the limit. A user connection matching a rule will be limited based on the parameters in the rule.