Virus Throttling (5300xl Switches Only)
Operating Rules
Operating Rules
■ When configuring or changing the configuration of connection-rate
filters in the switch, execute the clear arp command to reset the
routing table.
■ Connection-Rate filtering is triggered by inbound IP routed traffic
exhibiting high rates of IP connections to new hosts. Inbound
switched traffic with high IP connection rates does not trigger
connection-rate filtering. However, after connection-rate filtering has
been triggered on a port, all traffic (switched or routed) from the
suspect host is subject to the configured connection-rate policy
(notify-only, throttle, or block).
■ Where the switch is throttling or blocking inbound routed traffic from
a host, any outbound routed or switched traffic for that host is still
permitted.
■ A host blocked by connection-rate filtering remains blocked until
explicitly unblocked by one of the following:
• The vlan < vid > connection-rate-filter unblock command (page 3-18)
• Rebooting the switch
• Disabling connection-rate filtering using the no connection-rate-filter
command.
• Deleting a VLAN removes blocks on any hosts on that VLAN.
Note that changing a port setting from Block to either Throttle or Notify-
Only, does not unblock a blocked host on any port previously set to block.
3-8
To Next Page
Loading...
