RTS DV-3400 Technical Information Seite 328
- Seite / 580
- Inhaltsverzeichnis
- FEHLERBEHEBUNG
- LESEZEICHEN
Bewertet. / 5. Basierend auf Kundenbewertungen
Port Traffic Controls
All-Traffic Rate-Limiting for the 5300xl, 3400cl and 6400cl Switches
ICMP Rate-Limiting
In IP networks, ICMP messages are generated in response to either inquiries
or requests from routing and diagnostic functions. These messages are
directed to the applications originating the inquiries. In unusual situations, if
the messages are generated rapidly with the intent of overloading network
circuits, they can threaten network availability. This problem is visible in
denial-of-service (DoS) attacks or other malicious behaviors where a worm
or virus overloads the network with ICMP messages to an extent where no
other traffic can get through. (ICMP messages themselves can also be misused
as virus carriers). Such malicious misuses of ICMP can include a high number
of ping packets that mimic a valid source IP address and an invalid destination
IP address (spoofed pings), and a high number of response messages (such
as Destination Unreachable error messages) generated by the network. ICMP
Rate-Limiting provides a method for limiting the amount of bandwidth that
may be utilized for inbound ICMP traffic on a switch port or trunk. This feature
allows users to restrict ICMP traffic to levels that permit necessary ICMP
functions, but throttle additional traffic that may be due to worms or viruses
(reducing their spread and effect). In addition, this preserves inbound port
bandwidth for non-ICMP traffic.
Terminology
All-Traffic Rate-Limiting: Applies a rate-limit to all inbound traffic, includ-
ing ICMP traffic, received on an interface.
ICMP Rate-Limiting: Applies a rate-limit to all inbound ICMP traffic received
on an interface, but does not limit other types of inbound traffic.
Spoofed Ping: An ICMP echo request packet intentionally generated with a
valid source IP address and an invalid destination IP address. Spoofed
pings are often created with the intent to oversubscribe network
resources with traffic having invalid destinations.
Effect of ICMP Rate-Limiting
ICMP rate-limiting generally allows only a specified percentage of an inter-
face’s inbound bandwidth to be used for ICMP traffic. As a result, inbound
bandwidth is preserved for non-ICMP traffic and the port or trunk throttles
any sudden flood of inbound ICMP traffic that may be due to a worm or virus
attack (or any other cause). Notice that ICMP rate-limiting does not throttle
non-ICMP traffic. In cases where you want to throttle both ICMP traffic and
all other inbound traffic on a given interface, you can configure both ICMP
rate-limiting and all-traffic rate-limiting.
14-10
- ProCurve Switches 1
- ProCurve 3
- Series 6400cl Switches 3
- Series 5300xl Switches 3
- Series 4200vl Switches 3
- Series 3400cl Switches 3
- 3 Using the Menu Interface 6
- 8 Configuring IP Addressing 9
- 9 Time Protocols 10
- Switches 12
- 13 Port Trunking 13
- Port Traffic Controls 14
- File Transfers 16
- C Troubleshooting 19
- D MAC Address Management 20
- Product Documentation 21
- Feature Index 22
- Getting Started 27
- Conventions 28
- Command Syntax Statements 29
- Command Prompts 29
- Sources for More Information 30
- Online Help 33
- Need Only a Quick Start? 34
- Network 35
- Advantages of Using the CLI 40
- Interface 41
- Using the Menu Interface 47
- Command Line (CLI) option.) 49
- Main Menu Features 53
- Menu Features List 60
- Where To Go From Here 61
- Accessing the CLI 64
- Using the CLI 64
- Privilege Levels at Logon 65
- Privilege Level Operation 66
- Manager Privileges 67
- How To Move Between Levels 69
- ? symbol lists the 70
- Listing Command Options 72
- Displaying CLI “Help” 73
- Configuration Modes 74
- [Enter]). (The tilde 79
- CLI Control and Editing 83
- General Features 87
- Session with the Switch 88
- ProCurve Manager Plus (PCM+) 89
- First-Time 90
- Install Alert 90
- Interface Session 91
- [Fault Detection] key.) 92
- Using a User Name 94
- If You Lose the Password 94
- The Help Button 95
- Support/Mgmt URLs Feature 96
- Support URL 97
- Status Reporting Features 100
- Port Utilization 101
- Port Status 103
- The Alert Log 104
- The Status Bar 106
- Contents 111
- Management 113
- Overview 113
- Using the CLI To Implement 116
- Configuration Changes 116
- Changes 119
- Image Options 123
- The unequal code 124
- Switch Software Downloads 125
- Caution: 127
- No Undo! 127
- Rebooting the Switch 128
- Operating Notes 131
- General Operation 134
- Configuration Enabled 137
- Command Page 139
- Serially Connected Host 148
- Connected Host 148
- Web, and Inbound Telnet 153
- Interface Access 154
- Parameters 154
- ■ VT100 operation 157
- ■ 19,200 baud 157
- ■ No flow control 157
- ■ 10-minute inactivity time 157
- ■ Critical log events 157
- Denying Interface Access by 158
- Sessions 158
- System Information 159
- (config)# time timezone -480 163
- [System Info] 164
- [Apply Changes] 164
- [?] in the web 164
- Configuring IP Addressing 165
- IP Configuration 166
- Live (TTL) 169
- [IP Configuration] 174
- DHCP/Bootp Operation 176
- ■ For Bootp operation: 178
- Downloads 179
- Enabling IP Preserve 180
- Time Protocols 183
- Operation 185
- Configuring 187
- – TIMEP (the default) 199
- – None 199
- Time Sync Method 202
- SNTP Servers 207
- Addresses Configured 210
- Port Parameters 212
- — Continued — 213
- Menu: Port Configuration 216
- Configure Port Mode 219
- Enables global flow control 222
- Configuring Auto-MDIX 225
- ■ Manual MDI 226
- ■ Manual MDI-X 226
- Per-Port MDI 227
- Configuration 227
- Operating Mode 227
- Friendly port names 231
- Ports Without 231
- “Friendly” 231
- Introduction 236
- PoE Terminology 237
- Overview of Operation 238
- Related Publications 238
- General PoE Operation 239
- PD Support 240
- Power Priority Operation 242
- Configuring PoE Operation 244
- • Detection Status: 251
- (204 – 15.4) ≥ w 255
- PoE Operating Notes 257
- for the Series 5300xl 261
- Terminology 264
- Module Operation 265
- Controller xl Module 267
- The Role of VLANs 272
- Client VLANs 272
- General Operating Rules 274
- Changing the VLAN-Base 278
- Configuring the Uplink VLAN 279
- Configuring Client VLANs 279
- Managing the ACM 287
- BIOS POST Event Log Messages 292
- Port Trunking 293
- Trunk Configuration Methods 297
- Trunk Group 301
- “Up” Links 306
- Standby Link 306
- [Port Status] 309
- Default Port Operation 312
- LACP Notes and Restrictions 313
- “Trunk” Option 316
- Trunked Links 317
- Rate-Limiting Operation 323
- Rate-Limiting 326
- ICMP Rate-Limiting 328
- Note on Testing 335
- GMB Operation 339
- Outbound Traffic 341
- GMB Operating Notes 344
- Jumbo Packets on the Series 345
- Operating Rules 346
- Troubleshooting 352
- Applications 353
- SNMP Management Features 356
- SNMP Version 3 Commands 358
- Enabling SNMPv3 359
- SNMPv3 Users 359
- Group Access Levels 362
- SNMPv3 Communities 363
- Two Operator Access Levels 364
- Advanced Management: RMON 374
- General LLDP Operation 379
- Configuration Options 380
- LLDP Operating Rules 383
- Configuring LLDP Operation 385
- LLDP Advertisements” 388
- ■ Chassis ID (TLV) 395
- ■ Port ID (TLV) 395
- ■ port description (TLV) 396
- ■ system name (TLV) 396
- ■ system description (TLV) 396
- ■ system capabilities (TLV) 396
- TLV-Type > 397
- 5300xl and 4200vl Switches 399
- LLDP-MED Fast Start Control 403
- Status and Location Data 404
- Advertisements 415
- (VoIP Telephone) Source 419
- Displaying LLDP Statistics 420
- LLDP Operating Notes 422
- LLDP and CDP Data Management 424
- CDP Operation and Commands 426
- ■ show cdp displays 429
- Downloading Switch Software 433
- [Enter] to begin 436
- Using Secure Copy and SFTP 438
- How It Works 439
- The SCP/SFTP Process 440
- Command Options 443
- Authentication 444
- SCP/SFTP Operating Notes 444
- Switch-to-Switch Download 448
- ACL Command Files 453
- [Enter] 457
- Status and Counters Data 466
- General System Information 467
- CLI Access 468
- Menu Access 468
- Module Information 470
- Control Status 472
- Statistics 474
- [Enter]. The address 476
- Prompt for Selecting 477
- Menu Access to STP Data 479
- CLI Access to STP Data 480
- VLAN Information 482
- [E] (for Edit) 486
- [Y]) to select Yes 486
- Use the Space bar to 487
- Monitoring 488
- Monitored Ports 489
- Troubleshooting Approaches 496
- Unusual Network Activity 499
- ACL Problems 500
- IGMP-Related Problems 505
- LACP-Related Problems 505
- Mesh-Related Problems 506
- QoS-Related Problems 510
- Radius-Related Problems 510
- Problems 511
- SSH-Related Problems 512
- TACACS-Related Problems 514
- VLAN-Related Problems 516
- Problem: This switch detects 518
- Sources 519
- Range of Events in the Log 521
- Log Status Line 521
- CLI: Listing Events 522
- Messages 523
- ■ ACL “deny” matches 526
- ■ Up to six Syslog servers 526
- Debug Command Operation 527
- Debug Types 528
- Debug Destinations 530
- Syslog Operation 531
- Diagnostic Tools 537
- CLI: Ping or Link Tests 540
- [Configuration Report] 542
- ■ IP routes 543
- ■ GVRP support 543
- Traceroute Command 545
- Restoring a Flash Image 550
- MAC Address Management 553
- Determining MAC Addresses 555
- Viewing the MAC Addresses of 560
- Connected Devices 560
- ■ Alaska 561
- ■ Canada and Continental US 561
- ■ Southern Hemisphere 561
- ■ Western Europe 561
- Symbols 565
- Numerics 565
- 2 – Index 566
- Index – 3 567
- 4 – Index 568
- Index – 5 569
- 6 – Index 570
- Index – 7 571
- 8 – Index 572
- Index – 9 573
- 10 – Index 574
- Index – 11 575
- 12 – Index 576
- Index – 13 577
- 14 – Index 578
- 5990-6050 580
© 2020, manymanuals.de. Alle Rechte vorbehalten. | 0.035 s |
Manymanuals.com
Manymanuals.de
Manymanuals.fr
Manymanuals.it
Manymanuals.pl
Manymanuals.cz
Manymanuals.es
Manymanuals-pt.com
Kommentare zu diesen Handbüchern