[nsp] limit connections per-source-ip on pix or localdir?

Rob Helmer robert at namodn.com
Thu Jul 31 17:09:32 EDT 2003


Hello,


I run a network with a PIX 515 on the outside, and a LD 410 on the
inside.

I would like to limit the number of open connections to (say)
1000 per source IP. I've gone through all the manuals, but the
closest I've found is "maxconns" on the LD side, which just limits
the total number of open connections to a particular service, which
won't fit my needs.

The story behind this is that a client with many more servers than we
have has accidentally flooded us with requests a couple times, which
makes all of our servers too busy to respond to other clients.

We still have bandwidth to spare though. I'd like to limit the number
of requests any one client can make, ideally without buying any more
gear (although I am open to suggestions :) ).



Thanks,
Rob Helmer
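
Added example, not part of the original post and not PIX or LocalDirector configuration: a small Python model of the distinction the post draws between a service-wide connection limit (as "maxconns" is described above) and a cap of 1000 open connections per source IP. The class and function names, the addresses, the service-wide cap of 3000 and the traffic are constructed assumptions.

```python
from collections import Counter


class ConnTable:
    """Toy connection table (hypothetical model, not device behaviour)."""

    def __init__(self, total_cap=None, per_source_cap=None):
        self.total_cap = total_cap            # limit on all open connections
        self.per_source_cap = per_source_cap  # limit per source IP
        self.open = Counter()                 # source IP -> open connections
        self.total = 0

    def connect(self, src):
        """Admit a new connection from src if no configured cap is hit."""
        if self.total_cap is not None and self.total >= self.total_cap:
            return False
        if self.per_source_cap is not None and self.open[src] >= self.per_source_cap:
            return False
        self.open[src] += 1
        self.total += 1
        return True

    def close(self, src):
        """Release one connection from src, ignoring unknown sources."""
        if self.open[src] > 0:
            self.open[src] -= 1
            self.total -= 1


def replay(table, sources):
    """Attempt one connection per entry; return accepted count per source."""
    accepted = Counter()
    for src in sources:
        if table.connect(src):
            accepted[src] += 1
    return accepted


# Constructed traffic: one busy client opens 5000 connections first,
# then 50 other clients try to open 10 connections each.
FLOODER = "192.0.2.10"
OTHERS = [f"198.51.100.{i}" for i in range(1, 51)]
TRAFFIC = [FLOODER] * 5000 + [ip for ip in OTHERS for _ in range(10)]


def compare():
    """Return (service-wide cap result, per-source cap result)."""
    service_wide = replay(ConnTable(total_cap=3000), TRAFFIC)
    per_source = replay(ConnTable(per_source_cap=1000), TRAFFIC)
    return service_wide, per_source
```

With the service-wide cap the busy client takes every slot and the other 50 clients are refused; with the per-source cap it is held to 1000 and the others are all admitted.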


More information about the cisco-nsp mailing list