Configuring adaptive rate limiting

3. Bind the ACL to an interface. Enter commands such as the following.

Brocade(config)# interface ethernet 1/1/7

Brocade(config-if-e10000-1/1/7)# ip access-group 104 in

Brocade(config-if-e10000-1/1/7)# exit

The previous commands configure an adaptive rate limiting policy that enforces a guaranteed committed rate of 10000 packets/second on port e1/1/7 and allows bursts of up to 1600 packets. These commands also enforce a peak rate of 20000 packets/second and allow bursts of 4000 packets above the PIR limit. If the port receives additional bits during a given one-second interval, the port drops all packets on the port until the next one-second interval starts.

Syntax: [no] traffic-policy TPD-namerate-limit adaptive cir cir-valuecbs cbs-valuepir pir-valuepbs pbs-valueexceed-action action [count]

Syntax: access-list num permit deny.... traffic policy TPD-name

Syntax: [no] ip access-group num in

NOTE

For brevity, the access-listcommand does not include all parameters.

ATTENTION

Brocade ICX 6650 allows you to add a reference to a non-existent TPD in an ACL statement and to bind that ACL to an interface. Brocade ICX 6650 does not issue a warning or an error message for non-existent TPDs.

Use the no form of the command to delete a traffic policy definition. Note that you cannot delete a traffic policy definition if it is currently in use on a port. To delete a traffic policy, first unbind the associated ACL.

The traffic-policyTPD-nameparameter is the name of the traffic policy definition. This value can be eight or fewer alphanumeric characters.

The rate-limit adaptive cir cir-valueoption specifies that the policy will enforce a flexible bandwidth limit that allows for bursts above the limit.The cir-valueparameter is the committed information rate in packets/second. Refer to Table 20.

The cbs cbs-valueparameter is the committed burst size in packets. Refer to Table 20.

The pir pir-valueparameter is the peak information rate in packets/second. Refer to Table 20. The pbs pbs-valueparameter is the peak burst size in packets. Refer to Table 20.

The exceed-actionaction parameter specifies the action taken on packets that exceed the configured values. Refer to “Handling packets that exceed the rate limit” on page 147.

The count parameter is optional and enables ACL statistics. Refer to “Enabling and using ACL statistics” on page 148.

Inspecting the 802.1p bit in the ACL for adaptive rate limiting

You can configure the Brocade device to rate limit traffic for a specified 802.1p priority value. To do so, complete the following configuration steps.

146

Brocade ICX 6650 Security Configuration Guide

 

53-1002601-01

Page 166
Image 166
Brocade Communications Systems 6650 manual