Virus Throttling
Configuring and Applying Connection-Rate ACLs
Applying Connection-Rate ACLs
To apply a connection-rate ACL, use the access group command described
below. Note that this command differs from the access group command for
non-connection-rate ACLs.
Syntax:
[no] vlan <
vid
> ip access-group <
crf-list-name
> connection-rate-filter
This command applies a connection-rate access control list
(ACL) to inbound traffic on ports in the specified VLAN that
are configured for connection-rate filtering. (A connection-
rate ACL does not apply to ports in the VLAN that are not
configured for connection-rate filtering.) The
no
form of the
command removes the connection-rate ACL assignment from
the VLAN.
Note:
The switch allows only one connection-rate ACL assign
ment per VLAN. If a connection-rate ACL is already assigned
to a VLAN and you assign another connection-rate ACL to that
VLAN, the second ACL overwrites the first one. (A connection-
rate ACL can be in addition to any standard or extended ACLs
already assigned to the VLAN.)
Using CIDR Notation To Enter the ACE Mask
You can use CIDR (Classless Inter-Domain Routing) notation to enter ACE
masks. The switch interprets the bits specified with CIDR notation as the IP
address bits in an ACE and the corresponding IP address bits in a packet. The
switch then converts the mask to inverse notation for ACE use.
Table 3-2.
Examples of CIDR Notation for Masks
IP Address Used In an
ACL with CIDR Notation
Resulting ACL Mask
Meaning
10.38.240.125/15
0.1.255.255
The leftmost 15 bits must match; the
remaining bits are wildcards.
10.38.240.125/20
0.0.15.255
The leftmost 20 bits must match; the
remaining bits are wildcards.
10.38.240.125/21
0.0.7.255
The leftmost 21 bits must match; the
remaining bits are wildcards.
10.38.240.125/24
0.0.0.255
The leftmost 24 bits must match; the
remaining bits are wildcards.
10.38.240.125/32
0.0.0.0
All bits must match.
3-26
Summary of Contents for J8697A
Page 1: ...6200yl Access Security Guide 5400zl 3500yl ProCurve Switches K 11 XX www procurve com ...
Page 2: ......
Page 22: ...Product Documentation Feature Index xx ...
Page 55: ...Configuring Username and Password Security Front Panel Security 2 21 ...
Page 56: ...Configuring Username and Password Security Front Panel Security 2 22 ...
Page 58: ...Virus Throttling Contents Operating Notes 3 30 Connection Rate Log and Trap Messages 3 31 3 2 ...
Page 88: ...Virus Throttling Connection Rate Log and Trap Messages This page is intentionally unused 3 32 ...
Page 118: ...Web and MAC Authentication Client Status This page intentionally unused 4 30 ...
Page 356: ...Configuring and Monitoring Port Security Operating Notes for Port Security 11 44 ...
Page 370: ...Using Authorized IP Managers Operating Notes This page is intentionally unused 12 14 ...
Page 388: ...10 Index ...
Page 389: ......