Traffic policing on the brocade device, Chapter 2, Chapter – Brocade Multi-Service IronWare QoS and Traffic Management Configuration Guide (Supporting R05.6.00) User Manual
Page 29
Multi-Service IronWare QoS and Traffic Management Configuration Guide
15
53-1003037-02
Chapter
2
Configuring Traffic Policing for the Brocade NetIron XMR
and Brocade MLX series
Traffic policing on the Brocade device
The Brocade device provides line-rate traffic policing in hardware on inbound ports and outbound
ports.
You can configure a Brocade device to use one of the following modes of traffic policing policies:
•
Port-based – Limits the rate on an individual physical port to a specified rate. Only one inbound
and one outbound port-based traffic policing policy can be applied to a port. (Refer to
“Configuring port-based traffic policing for inbound and outbound ports”
on page 20.) These
policies can be applied to inbound and outbound traffic.
NOTE
The MLX series does not support BUM rate limiting on a per port level.
•
Port-and-priority-based – Limits the rate on an individual hardware forwarding queue on an
individual physical port. Only one port-and-priority-based traffic policing policy can be specified
per priority queue for a port. (Refer to
“Configuring a port and priority-based traffic policing
policy for inbound and outbound ports”
on page 21.) These policies can be applied to inbound
and outbound traffic.
•
VLAN-based – Untagged packets as well as tagged packets can be rate-limited. Only one rate
can be specified for each VLAN. (Refer to
“Configuring a VLAN-based traffic policing policy”
page 21.) Up to 990 VLAN-based policies can be configured for a port under normal conditions
or 3960 policies if priority-based traffic policing is disabled as described in
priority-based traffic policing”
on page 25. These policies can be applied to inbound and
outbound traffic.
•
VLAN group based – Limits the traffic for a group of VLANs. Members of a VLAN group share
the specified bandwidth defined in the traffic policing policy that has been applied to that
group. (Refer to
“Configuring a VLAN group-based traffic policing policy”
on page 22.) Up to
990 VLAN Group-based policies can be configured for a port under normal conditions or 3960
policies if priority-based traffic policing is disabled as described in
priority-based traffic policing”
on page 25. These policies can only be applied to inbound
traffic.
NOTE
If a VLAN based policing is configured on a port for a particular VLAN, the policing will be
applicable to all ports on that Network Processor that belong to that VLAN.
•
Port-and-ACL-based – Limits the rate of IP traffic on an individual physical port that matches
the permit conditions in IP Access Control Lists (ACLs). Layer 2 ACL-based traffic policing is
supported. You can use standard or extended IP ACLs. Standard IP ACLs match traffic based
on source IP address information. Extended ACLs match traffic based on source and
destination IP address and IP protocol information. Extended ACLs for TCP and UDP also match