Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

max connections - source IP

Hello,

I would like to be able to limit the amout of connections to a particular service based on source IP address.

Thanks

Donagh

  • Application Networking
5 REPLIES
Cisco Employee

Re: max connections - source IP

you can't do it based on source-ip.

Gilles.

New Member

Re: max connections - source IP

Hi Gilles

Can you tell if I could limit is by some other means?

Thanks for your swift response.

Donagh

Cisco Employee

Re: max connections - source IP

you can only limit the total number of connections. You can't say some traffic will bypass the rule.

So, all connections are taken into account and when the limit is reached all connections are blocked - no exception or bypass.

Gilles.

New Member

Re: max connections - source IP

ok thanks Gilles. It would be a nice feature, although Cisco probably have another product for that. Do you know of anything? Finally my last question to you which is related. How many connections can a CSS11503 take before it falls over - I am sure there would probably need to be 100s of VI Pswith many services. Perhaps you could clarify - I have looked at the product documentation but I cant find the answer. I will rate...

Thanks

Donagh

Cisco Employee

Re: max connections - source IP

The CSS would have problem if it runs out of FCB. THe amount of FCB per CSS is dependent on how many module you have.

We usually count 200k per module.

So, 600k FCB per CSS.

Each flow consume 1 FCB.

You can do a 'flow stat' from llama mode to see how much FCB you have and howmany are being used and free.

Gilles.

113
Views
5
Helpful
5
Replies
This widget could not be displayed.