ServerIron ADX Security Guide 11
53-1002440-03
Transaction Rate Limit (TRL) 1
2. Enter global configuration mode.
ServerIronADX# configure terminal
3. Specify server virtual-name-or-ip command and VIP name to enter virtual server configuration
mode.
ServerIronADX(config)# server virtual-name-or-ip bwVIP
Syntax: [no] server virtual-name-or-ip <name-or-address>
4. Specify the BW parameter and BW rule set.
ServerIronADX(config-vs-bwVIP)# client-trans-rate-limit trl
Syntax: [no] client-trans-rate-limit <name>
5. The transaction rate limit policy pertaining to the protocol and the port must be applied to
either the physical or the virtual interface for traffic hitting to Virtual IP.
Applying policy on physical interface
ServerIronADX(config) # interface eth 1/1
ServerIronADX(config-if-1/1) # ip tcp trans-rate 80
Applying policy on virtual interface
ServerIronADX(config) # interface ve 20
ServerIronADX(config-vif-20) # ip udp trans-rate 53
Syntax: [no} ip tcp | udp trans-rate <ports>
Syntax: [no} ip icmp trans-rate
The <ports> parame ter specifies one or more TCP or UDP por ts to monitor. You can monitor up
to four ports.
Deleting all TRL rules in a policy
You can delete all TRL rules in a policy as shown.
ServerIronADX(config)# client-trans-rate-limit tcp trl1
ServerIronADX(config-client-trl-trl1)# trl delete-all-rules
Syntax: trl delete-all-rules
Download transaction rate limit configuration from a TFTP server. (optional)
When a Transaction Rate Limit configuration becomes very large, you can download the
configuration from a TFTP server.
NOTE
A TRL configuration file can have IPv4 as well as IPv6 rules.
The following example shows how to download a Transaction Rate Limit configuration from a TFTP
server.
ServerIronADX(config)# server trl tftp 100.1.1.1 test.trl 2
Syntax: server trl tftp <ip-address> <trl_config_file_name> <retry_count>
Specify the following values.