Brocade Multi-Service IronWare QoS and Traffic Management Configuration Guide (Supporting R05.6.00) User Manual
Page 38
24
Multi-Service IronWare QoS and Traffic Management Configuration Guide
53-1003037-02
Traffic policing on the Brocade device
2
Brocade(config)#access-list 50 permit host 1.1.1.2
Brocade(config)#access-list 50 deny host 1.1.1.3
Brocade(config)#access-list 60 permit host 2.2.2.3
Brocade(config-if-1/1)# rate-limit input access-group 50 priority q1 500000000
33553920
Brocade(config-if-1/1)# rate-limit input access-group 60 100000000 268431230
These commands first configure access-list groups that contain the ACLs that will be used in the
traffic policing policy. Use the permit condition for traffic that will be traffic policed. Traffic that
match the deny condition are not subject to traffic policing.
Next, the commands configure two traffic policing policies on port 1/1. The policies limit the
average rate of all inbound IP traffic that match the permit rules of ACLs 50 and 60. The first policy
limits the rate of all permitted IP traffic with a priority queue value of q1 from host 1.1.1.2 to an
average rate of 500000000 bits per second (bps) with a maximum burst size of 33553920 bits.
Rate of all traffic from host 1.1.1.3 is not subject to rate limiting since it is denied by ACL 50; it is
merely forwarded on the port.
The second policy limits the rate of all IP traffic from host 2.2.2.3 to an average rate of 100000000
bits per second (bps) with a maximum burst size of 268431230 bits.
All IP traffic that does not match ACLs 50 and 60 are not subject to traffic policing.
Syntax: [no] rate-limit [input | output] [vrf vrf-name] access-group group-number [priority
queue-num] [ average-rate maximum-burst | policy-map map-name]
The input parameter applies the policy to traffic on inbound ports.
The output parameter applies the policy to traffic on outbound ports.
The VRF parameter specifies that the access-group will only apply to traffic within the VRF whose
name is specified in the vrf-name variable. This feature is only supported on inbound traffic with
Layer-3 ACLs.
The access-group, group-number parameter specifies the group number to which the ACLs used in
the policy belong.
NOTE
An ACL must exist in the configuration before it can take effect in a traffic policing policy.
The priority parameter specifies a priority queue value in the queue-num variable that is used to
identify packets that will be traffic policed by this command. The possible values for this parameter
are: q0, q1, q2, or q3. Multiple queues can be specified. This parameter is optional.
The average-rate parameter specifies the maximum rate allowed on a port during a one-second
interval. The software automatically adjusts the number you enter to the nearest multiple of 8,144
bits per second (bps). Refer to the section
on page 16 for more details. This
command is only used when configuring rate limiting directly to a port as described in
traffic policing parameters directly to a port”
The maximum-burst parameter specifies the extra bits above the average-rate that traffic can have.
Refer to the section
on page 17 for more details. This command is only used
when configuring traffic policing directly to a port as described in
parameters directly to a port”
The policy-map parameter specifies the policy map named in the policy-map variable to be used to
provide parameters for traffic policing the VLAN specified. This command is only used when
configuring traffic policing to a port using a policy map as described in