Chapter

ACL-based Rate Limiting

5

 

 

 

 

Table 19 lists the ACL-based rate limiting features supported on Brocade ICX 6650. These features are supported in the Layer 2, edge Layer 3, and full Layer 3 software images, except where explicitly noted.

TABLE 19

Supported ACL-based rate limiting features

 

 

 

Feature

 

Brocade ICX 6650

 

 

Traffic policies

Yes

 

 

ACL-based fixed rate limiting

Yes

 

 

ACL-based adaptive rate limiting

Yes

 

 

802.1p priority bit inspection in the ACL

Yes

for adaptive rate limiting

 

 

 

 

ACL statistics

 

Yes

 

 

 

ACL-based rate limiting overview

ACL-based rate limiting is a method for restricting inbound IP traffic that was permitted by extended IP ACLs, to administrator-configured rates. ACL-based rate limiting is available in the Layer 2 and Layer 3 images.

ACL-based rate limiting is defined using traffic policies. To configure ACL-based rate limiting, you create a traffic policy, reference the traffic policy in one or more ACL entries, and bind the ACL to an interface or port. The traffic policies become effective on ports to which the ACL is bound.

You can configure ACL-based rate limiting on the following interface types:

Physical Ethernet interfaces

Virtual interfaces

Trunk ports

Specific VLAN members on a port

A subset of ports on a virtual interface

Types of ACL-based rate limiting

ACL-based rate limiting is of two types:

Fixed rate limiting – Enforces a strict bandwidth limit. Traffic that exceeds the configured rate limit is either dropped or forwarded at the lowest priority level, depending on the action specified in the traffic policy. To configure fixed rate limiting, refer to “Configuring fixed rate limiting” on page 143.

Brocade ICX 6650 Security Configuration Guide

141

53-1002601-01

 

Page 161
Image 161
Brocade Communications Systems 6650 manual ACL-based rate limiting overview, Types of ACL-based rate limiting