4000 Router Series Security Command Reference

ManualsBrandsHP ManualsNetwork HardwareHP MSR3024 TAA-compliant AC Router

391

392

393

394

395

396

397

398

399

400

389

Field Descri

tion

VPN instance

MPLS L3VPN to which the IP address belongs. "---" indicates that IP address is on the

public network.

Tunnel ID

ID of DS Lite Tunnel. "---" indicates that the connection does not belong to any DS Lite

Tunnel.

Service

Protocol name and service port number. An unwell-known protocol is displayed as

"unknown(xx)," where "xx" indicates the protocol number. For the ICMP protocol,

"xx" indicates the hexadecimal number of the type and code field, which is

represented in decimal notation.

Sessions threshold

Hi/Lo

Upper connection limit/lower connection limit.

Sessions count Number of current connections.

New session flag

Whether or not new connections can be created:

• Permit—New connections can be created.

• Deny—New connections cannot be created.

Related commands

• connection-limit apply global policy

• connection-limit apply policy

• connection-limit policy

• limit

limit

Use limit to configure a connection limit rule.

Use undo limit to remove the specified connection limit rule.

Syntax

limit limit-id acl [ ipv6 ] { acl-number | name acl-name } [ per-destination | per-service | per-source ] *

amount max-amount min-amount

undo limit limit-id

Default

No connection limit rule exists in the connection limit policy.

Views

IPv4 connection limit policy view, IPv6 connection limit policy view

Predefined user roles

network-admin

Parameters

limit-id: Specifies the ID of a connection limit rule. The value range for this argument is 1 to 256.

acl: Specifies the ACL that matches the user range. Only the user connections matching the ACL are

limited.