Cisco Systems OL-16066-01 appendix 216

Table K-96

QoS Class Dialog Box—Policing Tab (Continued)

Excess Burst

The excess burst size, which determines how large traffic bursts can be

before all traffic exceeds the rate limit. In the token bucket algorithm, it

represents the full size of the second (exceed) token bucket.

The range of valid values is determined by the CIR:

• When the CIR is defined by percentage—Valid values range from 1 to

2000 milliseconds.

• When the CIR is defined by an absolute value—Valid values range from

1000-512000000 bytes.

Conform action

The action to take on packets that conform to the rate limit:

•

transmit—Transmits the packet.

• set-prec-transmit—Sets the IP precedence to a value you specify (0 to 7)

and then sends the packet. Not available on the control plane.

• set-dscp-transmit—Sets the DSCP to a value you specify (0 to 63) and

then sends the packet. Not available on the control plane.

•

drop—Drops the packet.

Exceed action

The action to take on packets that exceed the rate limit, but can be handled

using the second (exceed) token bucket.

The actions available for selection depend on the defined conform action.

For example, if you select one of the set options as the conform action, you

cannot select transmit as the exceed action. If you select drop as the conform

action, then you must also select drop as the exceed action.

Violate action

The action to take on packets that cannot be serviced by either the conform

bucket or the exceed bucket.

The actions available for selection depend on the defined exceed action. For

example, if you select one of the set options as the exceed action, you cannot

select transmit as the violate action. If you select drop as the exceed action,

then you must also select drop as the violate action.

User Guide for Cisco Security Manager 3.2

K-216

OL-16066-01