1 service facility rate limiting types, Service facility rate limiting types -2 – Riverstone Networks WICT1-12 User Manual

31-2 Riverstone Networks RS Switch Router User Guide Release 8.0

Service Facility Rate Limiting Types

Service Configuration

Once created,

acl1

becomes bound to the policy and the policy becomes bound to the IP address specified in the

policy. Because it is bound, it can not be used at another IP address. A new policy has to be created with the same rate
limits. That requires more commands. With the

service

facility, the policy need only be configured once for any

number of addresses. Additionally, an ACL does not have to be created. As seen in the second example, the

apply

command handles the filtering by including a source address using

source-addr-mask

.

Note

Currently

service

supports rate limiting and ACLs.

31.1 SERVICE FACILITY RATE LIMITING TYPES

There are four types of rate-limiting used in the

service

facility:

Aggregate rate limiting – The aggregate rate limiting service is used for aggregate flows and executed exclusively in
the hardware.

Note

Some line cards do not support aggregate rate limiting. Do not choose aggregate
rate limiting if a line card does not support this type of limiting.

Flow-aggregate rate limiting – The flow-aggregate rate limiting service is used for aggregate flows and executed in
a combination of hardware and software.

Per-flow rate limiting – Use the per-flow rate limiting service to limit individual flows.

Burst-safe rate limiting – Use the burst-safe rate limiting service if Committed Access Rates (CARs) (guaranteed
transmissions) or burst rates (non-guaranteed transmissions) are required to limit traffic.

Note

Burst-safe is supported on line cards that support aggregate rate limiting.

Note

Port rate limiting must be disabled on a port to use burst-safe rate limiting on that
port.

A traffic profile is used to define the traffic characteristics before an upper limit is assigned. The traffic profile is
created using an ACL, which can utilize any combination of the parameters supported in IP ACL. A rate limiting policy
can then be defined by using the ACL and traffic rate limitations. You define the action to be taken on the traffic that
exceeds the upper limit. For example, dropping packets. Except for port rate limiting, the rate limiting policy is then
applied to a logical IP interface.

Rate limiting policies work only in one direction. That is, only the traffic coming into the interface to which a policy
is applied will be subject to rate limiting (except for output port rate limiting policies, which are applied to egress
ports). If both incoming and outgoing traffic to a network or subnet needs to be rate limited, then you should create
separate policies to be applied to each interface.