Brocade Multi-Service IronWare QoS and Traffic Management Configuration Guide (Supporting R05.6.00) User Manual
Page 37
Multi-Service IronWare QoS and Traffic Management Configuration Guide
23
53-1003037-02
Traffic policing on the Brocade device
2
3. Create a policy for the VLAN group and apply it to the interface you want. Enter commands
such as the following.
Brocade(config)# interface ethernet 1/1
Brocade(config-if-1/1)# rate-limit input group 10 500000000 33553920
These commands configure a traffic policing policy that limits the average rate of all inbound traffic
on port 1/1 from vlan group VlanGroupA. This policy limits packets from VlanGroupA to an average
rate of 500000000 bits per second (bps) with a maximum burst size of 33553920 bits on port
1/1. VLAN Group based traffic policing is only available for inbound ports.
Syntax: [no] rate-limit input group vlan-group-id [priority queue-num] [average-rate
maximum-burst | policy-map map-name ]
The input parameter applies the policy to traffic on inbound ports.
The priority parameter specifies an 802.1p value in the queue-num variable that is used to identify
packets that will be traffic policed by this command. This parameter is optional.
The vlan-group-id parameter species the VLAN Group ID to which the policy applies.
The average-rate parameter specifies the maximum rate allowed on a port during a one-second
interval. The software automatically adjusts the number you enter to the nearest multiple of 8,144
bits per second (bps). Refer to the section
on page 16 for more details. This
command is only used when configuring rate limiting directly to a port as described in
traffic policing parameters directly to a port”
The maximum-burst parameter specifies the extra bits above the average-rate that traffic can have.
Refer to the section
on page 17 for more details. This command is only used
when configuring rate limiting directly to a port as described in
“Applying traffic policing parameters
The policy-map parameter specifies the policy map named in the policy-map variable to be used to
provide parameters for rate limiting the VLAN specified. This command is only used when
configuring traffic policing to a port using a policy map as described in
parameters using a policy map”
Configuring a port and ACL-based rate limiting
You can use standard or extended IP ACLs for port-and-ACL-based rate limiting:
•
Standard IP ACLs match traffic based on source IP address information.
•
Extended ACLs match traffic based on source and destination IP addresses and IP protocol
information. Extended ACLs for TCP and UDP protocol must also match on source and
destination IP addresses and TCP or UDP protocol information.
•
You can bind multiple rate limiting policies to a single port. However, once a matching ACL
clause is found for a packet, the device does not evaluate subsequent clauses in that rate
limiting ACL and subsequent rate limiting ACLs.
•
You can apply an ACL ID to a port-and-ACL-based traffic policing policy even before you define
the ACL. The traffic policing policy does not take effect until the ACL is defined.
•
It is not necessary to remove an ACL from a port-and-ACL-based rate limiting policy before
deleting the ACL.
•
Layer 2 ACL rate limiting is supported.
Port-and-ACL-based traffic policing is supported for traffic on inbound and outbound ports. To
configure port-and-ACL-based traffic policing policies, enter commands such as the following.