beautypg.com

Ipv6 acl based rate-limiting command options, Configuration sequence, Create ipv6 access-list (acl) – Brocade Multi-Service IronWare QoS and Traffic Management Configuration Guide (Supporting R05.6.00) User Manual

Page 44

background image

30

Multi-Service IronWare QoS and Traffic Management Configuration Guide

53-1003037-02

IPv6 ACL-based rate limiting

2

Multiple IPv6 ACL based rate-limiting policies can be applied to a single port.

Once a matching ACL clause is hit, subsequent rules and subsequent rate-limiting bindings on
the interface are not evaluated.

An undefined ACL can be used in a rate-limiting configuration.

When “force-delete-bound-acl” is enabled, an ACL can be deleted even if in use by a
rate-limiting policy.

Whenever the rules of an ACL used in a rate-limiting binding is modified, the changes are not
reflected immediately. You must execute the IPv6 ACL rebind command for the changes to take
effect.

IPv4 and IPv6 ACL based rate-limiting configurations can co-exist on an interface.

IPv6 ACL based rate-limiting command options

The following sections discuss the configuration sequence and commands in detail. The following
is the entire command syntax. Each of the following configuration commands provide a detailed
description of the specific command.

Syntax: [no] rate-limit {input [vrf VRF_NAME] | output} access-group {acl_id | name {ipv6 | ipv4 |

mac} ACL_NAME} [{priority PRIORITY_QUEUE}] {AVERAGE_RATE_BPS | MAX_BURST_BPS}
| {policy-map POLICY_MAP_NAME}} | strict-acl

NOTE

The keywords IPv4 and mac are used to configure rate-limiting using named IPv4 and named L2
ACLs.

Configuration Sequence

The configuration sequence to configure rate limiting using IPv6 access list include the following.

1. Create the IPv6 access list.

2. Create a policy map.

3. Configure rate limiting on an interface for inbound/outbound traffic using the IPv6 access-list.

a. Configure the average and maximum burst rate-limit parameters.

b. Use the policy-map to apply the rate-limit parameters.

Create IPv6 access-list (ACL)

IPv6 access-lists are named access-lists. The following example is an access-list that blocks all
Telnet traffic received from IPv6 host 2000:2382:e0bb::2.

Brocade(config)# ipv6 access-list fdry

Brocade(config-ipv6-access-list-fdry)# deny tcp host 2000:2382:e0bb::2 any eq

telnet

Brocade(config-ipv6-access-list-fdry)# permit ipv6 any any

Brocade(config-ipv6-access-list-fdry)# exit

See also other documents in the category Brocade Computer Accessories: