Dscp matching, Acl-based rate limiting, Acl statistics – Brocade FastIron Ethernet Switch Security Configuration Guide User Manual
Page 140: Acl-based rate limiting acl statistics
DSCP matching
The dscp-matching option matches on the packet DSCP value. This option does not change the
packet forwarding priority through the device or mark the packet.
To configure an ACL that matches on a packet with DSCP value 29, enter a command such as the
following.
device(config)#access-list 112 permit ip 1 0.1.1.0 0.0.0.255 10.2.2.x 0.0.0.255 dscp-
matching 29
The complete CLI syntax for this feature is shown in
Extended numbered ACL configuration
on page
112 and
Extended named ACL configuration
on page 118. The following shows the syntax specific to
this feature.
Syntax: ...dscp-matching 0-63
NOTE
For complete syntax information, refer to
on page 112.
ACL-based rate limiting
ACL-based rate limiting provides the facility to limit the rate for IP traffic that matches the permit
conditions in extended IP ACLs. This feature is available in the Layer 2 and Layer 3 code.
NOTE
Brocade devices support ACL-based rate limiting for inbound traffic. This feature is not supported for
outbound traffic.
For more details, including configuration procedures, refer to chapter "Traffic Policies" in the FastIron
Ethernet Switch Traffic Management Guide .
ACL statistics
ACL statistics is a mechanism for counting the number of packets and the number of bytes per packet
to which ACL filters are applied.
To see the configuration procedures for ACL statistics, refer to chapter "Traffic Policies" in the FastIron
Ethernet Switch Traffic Management Guide .
NOTE
The terms ACL statistics and ACL counting are used interchangeably in this guide and mean the same
thing.
DSCP matching
140
FastIron Ethernet Switch Security Configuration Guide
53-1003088-03