R0106-HP MSR Router Series Security Configuration Guide(V7)
387
[Router-acl-adv-3001] quit
# Create connection limit policy 1.
[Router] connection-limit policy 1
# Configure connection limit rule 1 to permit up to 100000 connections from all the hosts matching ACL
3000. When the number of connections exceeds 100000, new connections cannot be established until
the number drops below 95000.
[Router-connlmt-1] limit 1 acl 3000 amount 100000 95000
# Configure connection limit rule 2 to permit up to 10000 connections to the servers matching ACL 3001.
When the number of connections exceeds 10000, new connections cannot be established until the
number drops below 9800.
[Router-connlmt-policy-1] limit 2 acl 3001 per-destination amount 10000 9800
[Router-connlmt-policy-1] quit
# Create connection limit policy 2.
[Router] connection-limit policy 2
# Configure connection limit rule 1 to permit up to 100 connections from each host matching ACL 3000.
When the number of connections exceeds 100, new connections cannot be established until the number
drops below 90.
[Router-connlmt-policy-2] limit 1 acl 3000 per-source amount 100 90
[Router-connlmt-policy-2] quit
# Apply connection limit policy 1 globally.
[Router] connection-limit apply global policy 1
# Apply connection limit policy 2 to inbound interface GigabitEthernet 2/1/1.
[Router] interface gigabitethernet 2/1/1
[Router-GigabitEthernet2/1/1] connection-limit apply policy 2
[Router-GigabitEthernet2/1/1] quit
Verifying the configuration
# Display information about the connection limit policy.
[Router] display connection-limit policy 1
IPv4 connection limit policy 1 has been applied 1 times, and has 2 limit rules.
Limit rule list:
Policy Rule StatType HiThres LoThres ACL
------------------------------------------------------------
1 1 -- 100000 95000 3000
2 Dst 10000 9800 3001
Application list:
Global
[Router] display connection-limit policy 2
IPv4 connection limit policy 2 has been applied 1 times, and has 1 limit rules.
Limit rule list:
Policy Rule StatType HiThres LoThres ACL
------------------------------------------------------------
2 1 Src 100 90 3000
Application list: