Brocade Multi-Service IronWare QoS and Traffic Management Configuration Guide (Supporting R05.6.00) User Manual
Page 21
Multi-Service IronWare QoS and Traffic Management Configuration Guide
7
53-1003037-02
Traffic policing on Brocade NetIron CES and Brocade NetIron CER devices
1
Brocade(config)#access-list 50 permit host 1.1.1.2
Brocade(config)#access-list 50 deny host 1.1.1.3
Brocade(config)#access-list 60 permit host 2.2.2.3
Brocade(config-if-1/1)# rate-limit input access-group 50 500000000 20480
Brocade(config-if-1/1)# rate-limit input access-group 60 100000000 24194240
These commands first configure access-list groups that contain the ACLs that will be used in the
traffic policing policy. Use the permit condition for traffic that will be policed. Traffic that matches
the deny condition is not subject to traffic policing.
Next, the commands configure two traffic policing policies on port 1/1. The policies limit the
average rate of all inbound IP traffic that matches the permit rules of ACLs 50 and 60. The first
policy limits the rate of all permitted IP traffic from host 1.1.1.2 to an average rate of 500 Mbps
with a maximum burst size of 20480 Mbits. Traffic from host 1.1.1.3 is not subject to rate limiting
since it is denied by ACL 50; it is merely forwarded on the port.
The second policy limits the rate of all IP traffic from host 2.2.2.3 to an average of 100 Mbps with a
maximum burst size of 4194240 Mbits.
Traffic that does not match ACLs 50 and 60 is not subject to traffic policing.
Syntax: [no] rate-limit [input | output] access-group group-number [average-rate maximum-burst |
policy-map map-name]
The input parameter applies the policy to traffic on inbound ports.
The output parameter applies the policy to traffic on outbound ports.
The access-group, group-number parameter specifies the group number to which the ACLs used in
the policy belong.
NOTE
An ACL must exist in the configuration before it can take effect in a traffic policing policy.
The average-rate variable specifies the maximum rate allowed on a port during a one-second
interval. The software automatically adjusts the number you enter to the nearest multiple of 8,144
bps. Refer to
on page 1 for more details. This command is only used when
configuring rate limiting directly to a port as described in
“Applying traffic policing parameters
The maximum-burst variable specifies the extra Mbits above the average rate that traffic can have.
Refer to
on page 2 for more details. This command is only used when configuring
traffic policing directly to a port as described in
“Applying traffic policing parameters directly to a
The policy-map parameter specifies the policy map named in the policy-map variable to be used to
provide parameters for traffic policing the VLAN specified. This command is only used when
configuring traffic policing to a port using a policy map as described in
parameters using a policy map”
Using ACLs for filtering in addition to rate limiting
When you use the ACL-based mode, the permit and deny conditions in an ACL you use in a rate
limiting policy work as follows:
•
Permit – The traffic is rate limited according to the other parameters in the rate limiting policy.
•
Deny – The traffic is forwarded instead of dropped, by default.