beautypg.com

Rate limiting arp packets – Brocade Multi-Service IronWare Switching Configuration Guide (Supporting R05.6.00) User Manual

Page 780

background image

750

Multi-Service IronWare Switching Configuration Guide

53-1003036-02

Configuring ARP parameters

19

NOTE

If the device receives an ARP request packet that it is unable to deliver to the final destination
because of the ARP timeout and no ARP response is received (the Brocade device knows of no route
to the destination address), the device sends an ICMP Host Unreachable message to the source.

Rate limiting ARP packets

For rate-limiting purposes, ARP traffic destined for the CPU is assigned a separate global QoS ID
0xFFE. You can configure the rate-limit parameters using the following global CONFIG command.

Brocade(config)# ip rate-limit arp policy-map

By default, the rate-limit parameters for QoS ID 0xFFE will be initialized to allow line-rate traffic. The
rate-limit parameters specified using the policy-map are applicable on a per-PPCR basis.

To display ARP accounting statistics, enter the following command.

Brocade(config)# show rate-limit arp

This command displays the byte counters corresponding to QoS ID 0xFFE.

Brocade(config)# clear rate-limit arp

This command clears the byte counters corresponding to QoS ID 0xFFE.

When priority-based rate limiting is enabled, QoS IDs 0x3FE, 0x7FE and 0xBFE will be re-mapped to
0xFFE. When priority-based rate limiting is disabled, QoS IDs 0x3FE, 0x7FE and 0xBFE will not be
re-mapped to 0xFFE. In either case, only QoS ID 0xFFE will be added to the list of used QoS IDs.

To enable the dynamic addition, deletion, or change in rate-limit values of a policy-map, enter the
following command.

Brocade(config)# ip rate-limit arp policy-map

This command takes effect automatically, without unbinding and rebinding the ARP RL policy. If the
ARP Rate Limit policy specifies an undefined policy-map, rate limit values are initialized to line-rate
values. Dynamic enabling and disabling of priority based rate limiting on a global basis takes effect
automatically for the ARP RL policy.

NOTE

ARP packets destined for the CPU will be not be rate-limited by interface-level Layer 2 RL-ACLs. To
rate-limit switched ARP packets using interface-level Layer 2 ACLs, you must define an explicit ACL
filter with an “etype arp” option, as shown in the following example:

To define an explicit ACL filter, enter commands similar to the following.

Brocade(config)# access-list 410 permit any any any etype arp

Brocade(config)# int eth 4/1

Brocade(config-if-e10000-4/1)# rate-limit in access-gr 410 policy-map view

NOTE

Since ARP packets are broadcast packets, ARP packets are switched by default within a VLAN by the
CPU. Thus to rate-limit switched ARP packets using interface-level Layer 2 ACLs, you must also
configure vlan-cpu-protection.

See also other documents in the category Brocade Computer Accessories: