Manualshelf

TMS zl Management and Configuration Guide ST.1.0.090213

ManualsBrandsHP ManualsComputer AccessoriesHP ProCurve Switch xl Access Controller Module
341342343344345346347348349350
4-101
Firewall
Resource Allocation
Suggested uses for connection reservations include the following:
Ensuring that network administrators have connectivity during a DoS
attack
Guaranteeing that users can always access certain applications
Reserving connections for users who must be able to connect to a network
resource at all times
However, each connection reservation that you make decreases the total
number of connections that are available generally, so you should always take
into account how many connections the TMS zl Module supports (total and
per-zone) in comparison to the number of reservations that you make.
Reservation Process
The TMS zl Module invokes the connection reservation policy under the
following circumstances:
The number of total active connections in the system has reached the total
active connections threshold. When the total active connections thresh-
old has been reached, then non-reserved IP addresses cannot make any
connections even if the zone limits have not been reached. Only the
reserved IP addresses can make connections.
Total Active Connection Threshold = (Global Maximum Connec-
tions) minus (Reserved Connection Count)
The corresponding per-zone connection limit has been reached.
Outbound Example. In an outbound reservation, you are reserving connec-
tions from the specified IP address(es) to the specified zone.
Suppose that there are four zones, and each zone has a maximum connection
limit of 10,000. The global maximum connections limit is therefore 40,000
(4 x 10,000).