Cabletron Systems SSIM-R8-02 Spécifications Page 310
- Page / 394
- Table des matières
- DEPANNAGE
- MARQUE LIVRES
Noté. / 5. Basé sur avis des utilisateurs
Using ACLs
290 Enterasys Xpedition User Reference Manual
Using Profile ACLs with the Traffic Rate Limiting Facility
Traffic rate limiting is a mechanism that allows you to control bandwidth usage of
incoming traffic on a per-flow basis. A flow meeting certain criteria can have its packets
re-prioritized or dropped if its bandwidth usage exceeds a specified limit.
For example, you can cause packets in flows from source address 1.2.2.2 to be dropped if
their bandwidth usage exceeds 10 Mbps. You use a Profile ACL to define the selection
criteria (in this case, flows from source address 1.2.2.2). Then you use a rate-limit
command to specify what happens to packets that match the selection criteria (in this
example, drop them if their bandwidth usage exceeds 10 Mbps). The following commands
illustrate this example.
This command creates a Profile ACL called prof2 that uses as its selection criteria all
packets originating from source address 1.2.2.2:
The following command creates a rate limit definition that causes flows matching Profile
ACL prof2’s selection criteria (that is, traffic from 1.2.2.2) to be restricted to 10 Mbps for
each flow. If this rate limit is exceeded, the packets are dropped.
When the rate limit definition is applied to an interface (with the rate-limit apply
interface command), packets in flows originating from source address 1.2.2.2 are dropped
if their bandwidth usage exceeds 10 Mbps.
See Limiting Traffic Rate on page 323 for more information on using the rate-limit
command.
Using Profile ACLs with Dynamic NAT
Network Address Translation (NAT) allows you to map an IP address used within one
network to a different IP address used within another network. NAT is often used to map
addresses used in a private, local intranet to one or more addresses used in the public,
global Internet.
The XP supports two kinds of NAT: static NAT and dynamic NAT. With dynamic NAT, an
IP address within a range of local IP addresses is mapped to an IP address within a range
of global IP addresses. For example, you can configure IP addresses on network
10.1.1.0/24 to use an IP address in the range of IP addresses in network 192.50.20.0/24.
You can use a Profile ACL to define the ranges of local IP addresses.
ssr(config)# acl prof2 permit ip 1.2.2.2
ssr(config)# rate-limit client1 input acl prof2 rate-limit 10000000 exceed-action drop-packets
- 8VHU5HIHUHQFH0DQXDO 1
- 1
- ENTERASYS NETWORKS, INC 3
- PROGRAM LICENSE AGREEMENT 3
- DECLARATION OF CONFORMITY 5
- Contents 10
- Chapter 1 21
- Introduction 21
- Document Conventions 22
- Getting Help 22
- Chapter 2 25
- Maintaining 25
- Configuration Files 25
- Configuration File 29
- Configuring System Settings 33
- Configuring a Log-in Banner 34
- Chapter 3 35
- Using the CLI 35
- Command Modes 36
- Establishing Telnet Sessions 37
- Setting CLI Parameters 37
- ↑ key, the CLI displays the 38
- Line Editing Commands 40
- Command Resulting Action 41
- Port Names 42
- Chapter 4 45
- Hot Swapping Line 45
- Cards and Control 45
- Hot Swapping Line Cards 46
- Removing the Line Card 47
- Installing a New Line Card 47
- Removing the Control Module 49
- Installing a Control Module 49
- Offline LED 50
- Hot Swap Button 50
- Chapter 5 53
- Bridging 53
- VLAN Overview 54
- XP VLAN Support 56
- Configuring Spanning Tree 60
- Configuring VLAN Trunk Ports 63
- Configuring Layer-2 Filters 64
- Monitoring Bridging 65
- VLAN ID 5 66
- Chapter 6 67
- SmartTRUNK 67
- Configuring SmartTRUNKs 68
- Monitoring SmartTRUNKs 69
- Chapter 7 73
- ATM Configuration 73
- Virtual Channels 74
- Service Profile Definition 74
- Cell Scrambling 77
- ATM port 78
- Cell Mapping 79
- Creating a Non-Zero VPI 80
- ATM Sample Configuration 1 85
- Creating a Virtual Channel 86
- Configuring an IP Route 87
- ATM Sample Configuration 2 89
- Chapter 8 95
- Packet-over-SONET 95
- Monitoring PoS Ports 100
- Example Configurations 101
- Chapter 9 105
- Configuration Guide 105
- Configuring Client Parameters 106
- Configuring DHCP 107
- Updating the Lease Database 108
- Monitoring the DHCP Server 108
- DHCP Configuration Examples 109
- Configuring Secondary Subnets 110
- Interacting with Relay Agents 112
- Chapter 10 115
- IP Routing 115
- Multicast Routing Protocols 116
- Configuring Jumbo Frames 118
- Configuring DNS Parameters 122
- Configuring IP Helper 122
- Configuring Direct Broadcast 123
- Monitoring IP Parameters 124
- Configuring Router Discovery 125
- Configuration Examples 128
- Chapter 11 129
- Basic VRRP Configuration 130
- Symmetrical Configuration 131
- Multi-Backup Configuration 133
- 10.0.0.1/16 134
- 10.0.0.2/16 134
- 10.0.0.3/16 134
- Additional Configuration 138
- Monitoring VRRP 139
- VRRP Configuration Notes 142
- Chapter 12 145
- RIP Configuration 145
- Enabling and Disabling RIP 146
- Configuring RIP Interfaces 146
- Configuring RIP Parameters 146
- Monitoring RIP 148
- Configuration Example 149
- Chapter 13 151
- OSPF Configuration 151
- Configuring OSPF 152
- Enabling OSPF 153
- Configuring an OSPF Area 155
- Creating Virtual Links 156
- Monitoring OSPF 158
- OSPF Configuration Examples 160
- A r e a 150.20.0.0 163
- Chapter 14 165
- BGP Configuration 165
- Basic BGP Tasks 166
- Setting the Router ID 167
- Configuring a BGP Peer Group 167
- Starting BGP 169
- BGP Configuration Examples 172
- BGP Peering Session Example 173
- IBGP Configuration Example 175
- AS-64801 177
- IBGP Internal Group Example 179
- 17.122.128.2/24 180
- 17.122.128.1/24 180
- Community Attribute Example 185
- Physical Link 187
- Peering Relationship 187
- Information Flow 187
- Local Preference Examples 191
- AS-64900 192
- AS-64901 192
- EBGP EBGP 192
- EBGP Aggregation Example 195
- Route Reflection Example 196
- 192.68.222.1 197
- 192.68.20.2 197
- 192.68.20.1 197
- 172.16.30.2 197
- Chapter 15 201
- Routing Policy 201
- Preference 202
- Import Policies 203
- Export Policies 204
- Specifying a Route Filter 205
- Aggregates and Generates 206
- Authentication 208
- Redistributing Static Routes 210
- Redistributing RIP into RIP 211
- Redistributing RIP into OSPF 211
- Redistributing OSPF to RIP 211
- Creating an Export Source 217
- Creating an Import Source 218
- Creating a Route Filter 218
- Creating an Aggregate Route 219
- Creating an Aggregate Source 220
- Examples of Import Policies 220
- Figure 19. Exporting to RIP 221
- Examples of Export Policies 227
- Chapter 16 237
- Multicast Routing 237
- DVMRP Overview 238
- Configuring IGMP 239
- Configuring DVMRP 240
- Starting and Stopping DVMRP 241
- Configuring DVMRP Parameters 241
- Monitoring IGMP & DVMRP 243
- Chapter 17 247
- IP Policy-Based 247
- Forwarding 247
- Configuring IP Policies 248
- Firewall Load Balancing 254
- Monitoring IP Policies 255
- Chapter 18 259
- Chapter 19 259
- Network Address 259
- Translation 259
- Configuring NAT 260
- Forcing Flows through NAT 261
- Managing Dynamic Bindings 262
- NAT and DNS 262
- NAT and ICMP Packets 263
- NAT and FTP 263
- Monitoring NAT 264
- Dynamic Configuration 265
- Dynamic NAT with DNS 268
- Chapter 20 271
- Web Hosting 271
- Load Balancing 272
- Session Persistence 273
- Persistence 274
- Default Binding 274
- Setting Server Status 278
- Load Balancing and FTP 278
- Real Server 281
- TCP Port 281
- Destination 283
- Server IP 283
- Web Caching 284
- Other Configurations 286
- Monitoring Web-Caching 288
- Chapter 21 289
- IPX Routing 289
- IPX Routing Overview 290
- Configuring IPX RIP & SAP 291
- IPX Addresses 292
- Configuring IPX Routing 293
- Enabling SAP 294
- Configuring Static Routes 294
- Monitoring an IPX Network 297
- Chapter 22 299
- Access Control List 299
- ACL Basics 300
- How ACL Rules are Evaluated 302
- Implicit Deny Rule 302
- Creating and Modifying ACLs 304
- Editing ACLs Offline 305
- Using ACLs 306
- Applying ACLs to Services 307
- Using ACLs as Profiles 308
- Enabling ACL Logging 313
- Monitoring ACLs 314
- Chapter 23 315
- Security 315
- Configuring RADIUS 316
- Configuring TACACS 317
- Configuring TACACS Plus 317
- Layer-2 Security Filters 319
- Layer-2 Filter Examples 323
- Chapter 24 331
- QoS Configuration 331
- Precedence for Layer-3 Flows 333
- XP Queuing Policies 333
- Configuring Layer-2 QoS 334
- 802.1p Priority Mapping 334
- Configuring IP QoS Policies 336
- Configuring IPX QoS Policies 337
- ToS Rewrite 339
- Monitoring QoS 342
- Limiting Traffic Rate 343
- Per-Flow Rate Limiting 344
- Port Rate Limiting 344
- Aggregate Rate Limiting 345
- Chapter 25 349
- Performance 349
- Monitoring Guide 349
- Monitoring Broadcast Traffic 351
- Chapter 26 353
- Configuring and Enabling RMON 354
- RMON Groups 355
- Control Tables 357
- Using RMON 358
- Configuring RMON Groups 359
- Displaying RMON Information 362
- RMON CLI Filters 363
- Troubleshooting RMON 365
- Allocating Memory to RMON 367
- Chapter 27 369
- LFAP Configuration 369
- Chapter 28 373
- WAN Configuration 373
- Configuring WAN Interfaces 374
- Forcing Bridged Encapsulation 376
- Packet Compression 376
- WAN Overview 377
- Packet Encryption 378
- WAN Quality of Service 378
- Frame Relay Overview 380
- Virtual Circuits 381
- Configuring PPP Interfaces 385
- Monitoring PPP WAN Ports 387
- PPP Port Configuration 388
- WAN Configuration Examples 389
- Router R1 Configuration File 391
- Router R2 Configuration File 391
- Router R3 Configuration File 392
- Router R4 Configuration File 392
- Router R5 Configuration File 393
- Router R6 Configuration File 393
Produits connexes et manuels pour Mise en réseau Cabletron Systems SSIM-R8-02
(190 pages)
(19 pages)
(396 pages)© 2020, manymanuals.fr. Tous droits réservés | 0.041 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Commentaires sur ces manuels