ibm-information-center/dist/eclipse/plugins/i5OS.ic.rzak8_5.4.0.1/rzak8scenario_5.htm

81 lines
5.3 KiB
HTML
Raw Normal View History

2024-04-02 14:02:31 +00:00
<?xml version="1.0" encoding="UTF-8"?>
<!DOCTYPE html
PUBLIC "-//W3C//DTD XHTML 1.0 Transitional//EN" "http://www.w3.org/TR/xhtml1/DTD/xhtml1-transitional.dtd">
<html lang="en-us" xml:lang="en-us">
<head>
<meta http-equiv="Content-Type" content="text/html; charset=utf-8" />
<meta name="security" content="public" />
<meta name="Robots" content="index,follow" />
<meta http-equiv="PICS-Label" content='(PICS-1.1 "http://www.icra.org/ratingsv02.html" l gen true r (cz 1 lz 1 nz 1 oz 1 vz 1) "http://www.rsac.org/ratingsv01.html" l gen true r (n 0 s 0 v 0 l 0) "http://www.classify.org/safesurf/" l gen true r (SS~~000 1))' />
<meta name="DC.Type" content="concept" />
<meta name="DC.Title" content="Scenario: Limit inbound connections" />
<meta name="abstract" content="If you need to control the inbound connection requests made to your server, use an inbound admission policy." />
<meta name="description" content="If you need to control the inbound connection requests made to your server, use an inbound admission policy." />
<meta name="DC.Relation" scheme="URI" content="rzak8examples.htm" />
<meta name="DC.Relation" scheme="URI" content="rzak8scenariodetailsexample5step1.htm" />
<meta name="DC.Relation" scheme="URI" content="rzak8scenariodetailsexample5step2.htm" />
<meta name="DC.Relation" scheme="URI" content="rzak8scenariodetailsexample5step3.htm" />
<meta name="DC.Relation" scheme="URI" content="rzak8scenariodetailsexample5step4.htm" />
<meta name="DC.Relation" scheme="URI" content="rzak8monitoring.htm" />
<meta name="copyright" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Rights.Owner" content="(C) Copyright IBM Corporation 1998, 2006" />
<meta name="DC.Format" content="XHTML" />
<meta name="DC.Identifier" content="rzak8scenario_5" />
<meta name="DC.Language" content="en-us" />
<!-- All rights reserved. Licensed Materials Property of IBM -->
<!-- US Government Users Restricted Rights -->
<!-- Use, duplication or disclosure restricted by -->
<!-- GSA ADP Schedule Contract with IBM Corp. -->
<link rel="stylesheet" type="text/css" href="./ibmdita.css" />
<link rel="stylesheet" type="text/css" href="./ic.css" />
<title>Scenario: Limit inbound connections</title>
</head>
<body id="rzak8scenario_5"><a name="rzak8scenario_5"><!-- --></a>
<!-- Java sync-link --><script language="Javascript" src="../rzahg/synch.js" type="text/javascript"></script>
<h1 class="topictitle1">Scenario: Limit inbound connections</h1>
<div><p>If you need to control the inbound connection requests made to
your server, use an inbound admission policy.</p>
<div class="section" id="rzak8scenario_5__qoscensituation"><a name="rzak8scenario_5__qoscensituation"><!-- --></a><h4 class="sectionscenariobar">Situation</h4><p>Your
Web server's resources are being overloaded by client requests entering your
network. You are asked to slow incoming HTTP traffic to your Web server on
the local interface 192.168.1.1. Quality of service (QoS) can
help you restrict the accepted inbound connection attempts, based on connection
attributes (For example, IP address) to your server. To achieve this, you
decide to do an inbound admission policy, which will restrict the number of
accepted inbound connections.</p>
<p>The figure shows your company and a client
company. This QoS policy can only control traffic flow in one direction.</p>
<div class="fignone"><span class="figcap">Figure 1. Restricting inbound TCP connections</span><br /><img src="rzak8507.gif" alt="Restricting inbound TCP connections" /><br /></div>
</div>
<div class="section" id="rzak8scenario_5__qoscenobjective"><a name="rzak8scenario_5__qoscenobjective"><!-- --></a><h4 class="sectionscenariobar">Objectives</h4><p>To
configure an inbound policy, you must decide whether you are restricting traffic
to a local interface or a specific application and whether you are restricting
it from a particular client. In this case, you want to create a policy that
restricts connection attempts from Their_Company going to port 80 (HTTP protocol)
on your local interface 192.168.1.1.</p>
</div>
<div class="section" id="rzak8scenario_5__qoscenconfig"><a name="rzak8scenario_5__qoscenconfig"><!-- --></a><h4 class="sectionscenariobar">Configuration</h4><p>These
topics show how to create an inbound admission policy.</p>
</div>
</div>
<div>
<ol>
<li class="olchildlink"><a href="rzak8scenariodetailsexample5step1.htm">Scenario details: Create the inbound admission policy</a><br />
</li>
<li class="olchildlink"><a href="rzak8scenariodetailsexample5step2.htm">Scenario details: Start or update the QoS server</a><br />
</li>
<li class="olchildlink"><a href="rzak8scenariodetailsexample5step3.htm">Scenario details: Use the monitor to verify your policy is working</a><br />
</li>
<li class="olchildlink"><a href="rzak8scenariodetailsexample5step4.htm">Scenario details: Change properties (if needed)</a><br />
</li>
</ol>
<div class="familylinks">
<div class="parentlink"><strong>Parent topic:</strong> <a href="rzak8examples.htm" title="These quality of service (QoS) policy scenarios can help you understand why and how to use QoS.">Scenarios</a></div>
</div>
<div class="relref"><strong>Related reference</strong><br />
<div><a href="rzak8monitoring.htm" title="You can use the quality of service (QoS) monitor to analyze your IP traffic through the server.">Monitor QoS</a></div>
</div>
</div>
</body>
</html>