Traffic policies overview

Adaptive rate limiting – Enforces a flexible bandwidth limit that allows for bursts above the limit. You can configure adaptive rate limiting to forward traffic, modify the IP precedence of traffic and then forward it, or drop traffic, based on whether the traffic is within the limit or exceeds the limit. To configure adaptive rate limiting, refer to “Configuring adaptive rate limiting” on page 144.

Traffic policies overview

Traffic policies are rules that define rate limits on packets permitted by ACLs. As traffic policies apply rate limits on specific interfaces using ACLs, this method is also called ACL-based rate limiting. The process for applying a traffic policy to an interface involves:

1. Creating a traffic policy

2. Adding a reference to the traffic policy in an ACL entry

3. Binding the ACL associated with this ACL entry to an interface

Traffic policy structure

A traffic policy has the following structure:

Traffic policy name – A string of up to eight alphanumeric characters that identifies individual traffic policy definitions.

Traffic policy definition (TPD) – The command action associated with a traffic policy name. A TPD includes either or both of the following:

- Rate limiting policy

- ACL statistics

ACL statistics

Traffic policies also enable ACL statistics. ACL statistics, also called ACL counting, are automatically enabled when a traffic policy that defines a rate limit is enforced (activated). However, you can also create and enforce traffic policies that enable ACL statistics but do not enforce any rate limit.

On Brocade ICX 6650, ACL counting for fixed rate limiting is similar to the single-rate three-color marker (srTCM) mechanism described in RFC 2697. ACL counting for adaptive rate limiting is similar to the two-rate three-color marker (trTCM) mechanism described in RFC 2698.

In both types of rate limiting, ACL statistics can collect the following information:

The total number of packets and bytes permitted by all ACLs to which the traffic policy is attached. This statistic is available in all traffic policies.

The total number of packets at different conformance levels (either trTCM or srTCM, depending on the type of rate limiting applied) across all active ACLs to which the traffic policy is attached. This statistic is available in traffic policies that enable rate limiting.

NOTE

Refer to “Enabling and using ACL statistics” on page 148. To configure traffic policies for ACL counting, refer to “Enabling ACL statistics” on page 149.

142

Brocade ICX 6650 Security Configuration Guide

 

53-1002601-01
