Traffic policies overview, Traffic policy structure, Acl statistics – Brocade Communications Systems Brocade ICX 6650 6650 User Manual


Brocade ICX 6650 Security Configuration Guide

53-1002601-01

Traffic policies overview

Adaptive rate limiting – Enforces a flexible bandwidth limit that allows for bursts above the
limit. You can configure adaptive rate limiting to forward traffic, modify the IP precedence of
and forward traffic, or drop traffic based on whether the traffic is within the limit or exceeds the
limit. To configure adaptive rate limiting, refer to “Configuring adaptive rate limiting” on page 144.

Traffic policies overview

Traffic policies are rules that define rate limits on packets permitted by ACLs. As traffic policies
apply rate limits on specific interfaces using ACLs, this method is also called ACL-based rate
limiting. The process for applying a traffic policy to an interface involves:

1. Creating a traffic policy

2. Adding a reference to the traffic policy in an ACL entry

3. Binding the ACL associated with this ACL entry to an interface

Traffic policy structure

A traffic policy has the following structure:

Traffic policy name – A string of up to eight alphanumeric characters that identifies individual
traffic policy definitions.

Traffic policy definition (TPD) – The command action associated with a traffic policy name. A
TPD includes either or both of the following:

- Rate limiting policy

- ACL statistics

ACL statistics

Traffic policies also enable ACL statistics. ACL statistics, also called ACL counting, are automatically
enabled when a traffic policy that defines a rate limit is enforced (activated). However, you can also
create and enforce traffic policies that enable ACL statistics but do not enforce any rate limit.

On Brocade ICX 6650, ACL counting for fixed rate limiting is similar to the single-rate three-color
marker (srTCM) mechanism described in RFC 2697. ACL counting for adaptive rate limiting is
similar to the two-rate three-color marker (trTCM) mechanism described in RFC 2698.

In both types of rate limiting, ACL statistics can collect the following information:

The total number of packets and bytes permitted by all ACLs to which the traffic policy is
attached. This statistic is available in all traffic policies.

The total number of packets at different conformance levels (either trTCM or srTCM,
depending on the type of rate limiting applied) across all active ACLs to which the traffic policy
is attached. This statistic is available in traffic policies that enable rate limiting.

NOTE

Refer to “Enabling and using ACL statistics” on page 148. To configure traffic policies for ACL
counting, refer to “Enabling ACL statistics” on page 149.
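
The following added example (not from the Brocade guide and not the switch's own implementation) shows the color-blind srTCM meter of RFC 2697 keeping the two kinds of counters described above: total packets and bytes, and packets per conformance level. The class name, the CIR/CBS/EBS values and the packet trace are constructed for illustration.

```python
from collections import Counter

class SrTcmMeter:
    """Color-blind single-rate three-color marker (RFC 2697)."""

    def __init__(self, cir, cbs, ebs):
        self.cir, self.cbs, self.ebs = cir, cbs, ebs  # bytes/s, bytes, bytes
        self.tc, self.te = float(cbs), float(ebs)     # both buckets start full
        self.last = 0.0
        self.total_packets = self.total_bytes = 0
        self.by_color = Counter()                     # packets per conformance level

    def _refill(self, now):
        # Tokens accrue at CIR: fill bucket C first, overflow goes to bucket E.
        tokens = (now - self.last) * self.cir
        self.last = now
        to_c = min(tokens, self.cbs - self.tc)
        self.tc += to_c
        self.te = min(self.ebs, self.te + tokens - to_c)

    def meter(self, now, size):
        self._refill(now)
        self.total_packets += 1
        self.total_bytes += size
        if self.tc >= size:
            self.tc -= size
            color = "green"      # within CBS
        elif self.te >= size:
            self.te -= size
            color = "yellow"     # exceeds CBS, within EBS
        else:
            color = "red"        # exceeds both; no tokens are consumed
        self.by_color[color] += 1
        return color

# Constructed sample: (arrival time in seconds, packet size in bytes).
SAMPLE_TRACE = [(0.0, 1000), (0.0, 1000), (0.0, 1000), (1.0, 1000),
                (1.5, 400), (1.5, 800), (4.5, 1500), (4.5, 1500)]

def run_sample():
    m = SrTcmMeter(cir=1000, cbs=1500, ebs=1500)  # constructed parameters
    colors = [m.meter(t, size) for t, size in SAMPLE_TRACE]
    return colors, m

if __name__ == "__main__":
    colors, m = run_sample()
    print(colors)
    print(m.total_packets, m.total_bytes, dict(m.by_color))
```

The meter only classifies packets; what happens to yellow or red traffic (forward, re-mark or drop) is decided by the action configured in the traffic policy.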
