TMS zl Management and Configuration Guide ST.1.2.100916
4-117
Firewall
Resource Allocation
Connection Reservation Concepts
When you set a connection reservation, you ensure that a particular IP address
or range of addresses has connectivity regardless of how much traffic is
passing through the TMS zl Module.
Example uses for connection reservations include the following:
■ Ensuring that network administrators have connectivity during a DoS
attack
■ Guaranteeing that users can always access certain applications
■ Reserving connections for users who must be able to connect to a network
resource at all times
However, each connection reservation that you make decreases the total
number of connections that are available generally, so you should always take
into account how many connections the TMS zl Module supports (total and
per-zone) in comparison to the number of reservations that you make.
The total active connections threshold determines the number of non-
reserved connections that can be made
Total Active Connection Threshold = (Global Maximum Connections)
minus (Reserved Connection Count)
Reservation Process
The TMS zl Module invokes the connection reservation policy under the
following circumstances:
■ The number of total active connections in the system has reached the total
active connections threshold. When the total active connections thresh-
old has been reached, then non-reserved IP addresses cannot make any
connections even if the zone limits have not been reached. Only the
reserved IP addresses can make connections.
■ The corresponding per-zone connection limit has been reached. When a
zone connection limit has been reached, endpoints within that zone
cannot establish connections unless their connection matches a reserva-
tion policy.
Outbound Example. In an outbound reservation, you are reserving connec-
tions from the specified IP address(es) to the specified zone.
Suppose that there are four zones, and each zone has a maximum connection
limit of 10,000. The global maximum connections limit is therefore 40,000
(4 x 10,000).