216 | Cisco Systems OL-16066-01 instruction

Appendix K Router Platform User Interface Reference

Quality of Service Policy Page

Table K-96	QoS Class Dialog Box—Policing Tab (Continued)

Excess Burst		The excess burst size, which determines how large traffic bursts can be
		before all traffic exceeds the rate limit. In the token bucket algorithm, it
		represents the full size of the second (exceed) token bucket.
		The range of valid values is determined by the CIR:
		• When the CIR is defined by percentage—Valid values range from 1 to
			2000 milliseconds.
		• When the CIR is defined by an absolute value—Valid values range from
			1000-512000000 bytes.

Conform action		The action to take on packets that conform to the rate limit:
		•	transmit—Transmits the packet.
		• set-prec-transmit—Sets the IP precedence to a value you specify (0 to 7)
			and then sends the packet. Not available on the control plane.
		• set-dscp-transmit—Sets the DSCP to a value you specify (0 to 63) and
			then sends the packet. Not available on the control plane.
		•	drop—Drops the packet.

Exceed action		The action to take on packets that exceed the rate limit, but can be handled
		using the second (exceed) token bucket.
		The actions available for selection depend on the defined conform action.
		For example, if you select one of the set options as the conform action, you
		cannot select transmit as the exceed action. If you select drop as the conform
		action, then you must also select drop as the exceed action.

Violate action		The action to take on packets that cannot be serviced by either the conform
		bucket or the exceed bucket.
		The actions available for selection depend on the defined exceed action. For
		example, if you select one of the set options as the exceed action, you cannot
		select transmit as the violate action. If you select drop as the exceed action,
		then you must also select drop as the violate action.

	User Guide for Cisco Security Manager 3.2
K-216	OL-16066-01

Image 216

Cisco Systems OL-16066-01 appendix 216

Contents

Router Platform User Interface Reference CPU Policy Page, page K-107 Dhcp Policy Page, page K-167 NTP Policy Page, page K-174 NAT Page-Interface Specification Tab NAT PolicyFor more information, see NAT on Cisco IOS Routers, Chapter K, Router Platform User Interface Reference Edit Interfaces Dialog Box-NAT Inside Interfaces Related Topics Edit Interfaces Dialog Box-NAT Outside Interfaces Field Reference NAT Page-Static Rules Tab NAT Static Rule Dialog Box Information, see Filtering Tables, Basic Interface Settings on Cisco IOS Routers, Defining Static NAT Rules,Disabling the Alias Option for Attached Subnets, Disabling the Payload Option for Overlapping Networks, Table K-5 NAT Static Rule Dialog Box Table K-5 NAT Static Rule Dialog Box Appendix K Router Platform User Interface Reference NAT Page-Interface Specification Tab, page K-3 NAT Page-Dynamic Rules TabFor more information, see Defining Dynamic NAT Rules, NAT Dynamic Rule Dialog Box Object Selectors, page F-593 F-593 NAT Page-Timeouts Tab Specifying NAT Timeouts, Router Interfaces Table Columns and Column Heading Features, Create Router Interface Dialog Box Enabled Type Name Parent Discontiguous Network Masks, BRI, PRI Isdn Table K-10 Create Router Interface Dialog Box MTU Vlan ID Interface Auto Name Generator Dialog Box Dlci Advanced Interface Settings Available Interface Types, CDP Advanced Interface Settings Dialog Box You can create an interface role object Eguide09186a00804247fc.html Selectors, page F-593For more information, see Understanding Helper Addresses, Cisco Discovery Protocol settings Table K-13 Advanced Interface Settings Dialog Box Fragreassmps6441TSDProductsConfigurationGuideChapter.html VFR00800a3ded.shtml ACL AIM-IPS Interface Settings IPS Monitoring Information Dialog Box Dialer Policy Configuring Dial Backup, Dialer Profile Dialog Box SPID1SPID2 Table K-17 Dialer Profile Dialog Box Dialer Physical Interface Dialog Box Isdn BRI Adsl Policy Adsl on Cisco IOS Routers, Adsl Settings Dialog Box Defining Adsl Settings, PVC Policy Page, page K-54 Supported by each card type may cause deployment to fail Table K-20 Adsl Settings Dialog Box Shdsl Policy Shdsl on Cisco IOS Routers, Edit the selected DSL controller definition Shdsl Controller Dialog Box Defining Shdsl Controllers,Dialog Box, page K-53 User Guide for Cisco Security Manager CPE Table K-22 Shdsl Dialog Box Controller Auto Name Generator Dialog Box PVC Policy PVC ID PVCPVC OAM OAM-PVC PVC Dialog Box Defining ATM PVCs, Table K-25 PVC Dialog Box PVC Dialog Box-Settings Tab, page K-59 PVC. See PVC Dialog Box-QoS Tab, page K-63Inverse ARP. See PVC Dialog Box-Protocol Tab, page K-67 PVC Dialog Box-Settings Tab VPI VCIIlmi PVC Resources are freed for other dial-in users PVC Dialog Box-QoS Tab Dialog Box-Protocol Tab, page K-67PPP Quality of Service Policy Page, page K-199 Understanding Policing and Shaping Parameters, Service Classes, ABRCBR UBR UBR+VBR-NRT VBR-RT PVC Dialog Box-Protocol Tab Define Mapping Dialog Box PVC Dialog Box, page K-56 Defining ATM PVCs, PVC Advanced Settings Dialog Box Type for the PVC. See PVC Dialog Box-Settings Tab, page K-59 PVC Advanced Settings Dialog Box-OAM Tab Advanced Settings Dialog Box-OAM Tab, page K-70Advanced Settings Dialog Box-OAM-PVC Tab, page K-73 Go to the PVC Dialog Box, page K-56, then click Advanced PVC Dialog Box, page K-56 Table K-31 PVC Advanced Settings Dialog Box-OAM Tab PVC Advanced Settings Dialog Box-OAM-PVC Tab OAM-PVC tab Table K-32 PVC Advanced Settings Dialog Box-OAM-PVC Tab Table K-32 PVC Advanced Settings Dialog Box-OAM-PVC Tab PPP/MLP Policy Table K-33 PPP/MLP PPP Dialog Box Defining PPP Connections, Connection. See PPP Dialog Box-PPP Tab, page K-80 PPP Dialog Box-PPP Tab Tab, page K-84PPP Dialog Box-MLP Tab, page K-84 Table K-35 PPP Dialog Box-PPP Tab It for other PPP connections on this device Chap Authentication settings PPP Dialog Box-MLP Tab PPP Dialog Box-PPP Tab, page K-80MLP Advance None-Negotiation is conducted without using an endpoint AAA Policy AAA Page-Authentication Tab Defining AAA Services, Predefined AAA Authentication Server Groups, Understanding Method Lists,AAA Server Group Dialog Box, page F-12 AAA Page-Authorization Tab Information, see Filtering Tables, Command Authorization Dialog Box AAA Page-Accounting Tab Table K-41 AAA Page-Accounting Tab See description Table N-91 on page N-131 Command Accounting Dialog Box Server groups configured with TACACS+ Accounts and Credential s Policy Table K-43 Accounts and Credentials User Account Dialog Box 100 Understanding FlexConfig Objects, Defining Accounts and Credential Policies,User Accounts and Device Credentials on Cisco IOS Routers, MD5 Bridging Policy Bridging on Cisco IOS Routers,102 Bridge Group Dialog Box 103 Clock Policy 104 105 106 CPU Policy 107 108 109 Http Policy 110 Http Page-Setup Tab Http and Https on Cisco IOS Routers,111 Http Page-AAA Tab Https112 Http Page-Setup Tab, page K-111 113 114 115 Command Authorization Override Dialog Box Http Policy Page, page K-110AAA Policy Page, page K-87 116 Console Policy 117 Console Page-Setup Tab VTY Line Dialog Box-Setup Tab, page K-132118 119 120 Console Page-Authentication Tab 121 Page-Authentication Tab, page K-88 122 Console Page-Authorization Tab 123 124 Console Page-Accounting Tab 125 126 Page-Accounting Tab, page K-93 127 128 VTY Policy 129 130 Line Access on Cisco IOS Routers, Dialog Box-Setup Tab, page K-132VTY Line Dialog Box 131 VTY Line Dialog Box-Setup Tab Defining VTY Line Setup Parameters,Console Page-Setup Tab, page K-118 132 133 Policy. See Http Page-Setup Tab, page K-111 134 135 VTY Line Dialog Box-Authentication Tab 136 VTY Line Dialog Box-Authorization Tab 137 Page-Authorization Tab, page K-90 138 VTY Line Dialog Box-Accounting Tab 139 140 141 142 Command Authorization Dialog Box-Line Access Console Policy Page, page K-117 VTY Policy Page, page K-129143 Level. See Command Accounting Dialog Box, page K-96 144 Command Accounting Dialog Box-Line Access 145 146 Secure Shell Policy 147 Box-Setup Tab, page K-132 148 Snmp Policy For more information, see Defining Snmp Agent Properties,149 Snmp on Cisco IOS Routers, 150 Permission Dialog Box Generate. See Snmp Traps Dialog Box, page K-155151 Trap Receiver Dialog Box, page K-153 Snmp Traps Dialog Box, page K-155Defining Snmp Agent Properties, 152 Trap Receiver Dialog Box Permission Dialog Box, page K-151153 154 Snmp Traps Dialog Box 155 For more information, see Understanding IKE, 156 157 DNS Policy 158 IP Host Dialog Box DNS on Cisco IOS Routers,159 Hostname Policy Hostnames and Domain Names on Cisco IOS Routers,160 For more information, see Defining Router Memory Settings, Memory Policy161 162 Secure Device Provisioning Policy Secure Device Provisioning on Cisco IOS Routers,163 Administrative Introducers, Secure Device Provisioning Workflow,Understanding PKI Enrollment Objects, Click Select to display an Object Selectors, page F-593 165 166 Dhcp Policy For more information, see Defining Dhcp Policies,Dhcp on Cisco IOS Routers, 167 To display an Object Selectors, page F-593 Definition, page 9-153and Supported IP Address Formats,168 169 Dhcp Database Dialog Box Defining Dhcp Policies,IP Pool Dialog Box, page K-171 170 IP Pool Dialog Box 171 Select to display an Object Selectors, page F-593 172 Ddhhmm 173 NTP Policy For more information, see Defining NTP Servers,174 NTP Server Dialog Box, page K-176 175 NTP Server Dialog Box 176 Policy Page, page K-174 177 K-174 178 802.1x Policy For more information, see Defining 802.1x Policies,179 Or click Add to display an Object Selectors, page F-593 Defined here. See PPP Dialog Box, page K-78180 181 182 Network Admission Control Page-Setup Tab Network Admission Control Policy183 Defining NAC Setup Parameters, 184 Configuration Dialog Box, page K-187 More information, see Working with Access Rules,185 Network Admission Control Page-Setup Tab, page K-183 Network Admission Control Page-Interfaces TabDefining NAC Interface Parameters, 186 NAC Interface Configuration Dialog Box 187 Page, page F-31 188 Network Admission Control Page-Identities Tab Defining NAC Identity Parameters,189 NAC Identity Profile Dialog Box 190 NAC Identity Action Dialog Box NAC Identity Action Dialog Box, page K-191Actions, see NAC Identity Action Dialog Box, page K-191 NAC Identity Profile Dialog Box, page K-190 Logging Setup Policy Intercept ACL. See NAC Interface Configuration Dialog BoxBox, page K-190 K-187 193 Information, see -5 on 194 195 196 Syslog Servers Policy For more information, see Defining Syslog Servers,197 Syslog Server Dialog Box XML198 Quality of Service Policy Defining Syslog Servers,Logging on Cisco IOS Routers, Understanding Network/Host Objects, Defining QoS Policies, Understanding Control Plane Policing,CIR 200 201 202 Quality of Service on Cisco IOS Routers, QoS Policy Dialog BoxK-205 203 204 QoS Class Dialog Box 205 206 Box-Matching Tab, page K-208 Box-Queuing and Congestion Avoidance Tab, page K-212Dialog Box-Policing Tab, page K-214 Tab, page K-217 QoS Class Dialog Box-Matching Tab 208 Dscp F-593. For more information, see Edit ACLs Dialog Box-QoSClasses, page K-210 209 Edit ACLs Dialog Box-QoS Classes Defining QoS Class Matching Parameters,210 QoS Class Dialog Box-Marking Tab 211 QoS Class Dialog Box-Queuing and Congestion Avoidance Tab 212 213 QoS Class Dialog Box-Policing Tab 214 215 216 QoS Class Dialog Box-Shaping Tab 217 218 BGP Routing Policy 219 BGP Page-Setup Tab Defining BGP Routes,Supported IP Address Formats, 220 Dialog Box, page K-222 221 Neighbors Dialog Box 222 BGP Page-Setup Tab, page K-220 BGP Page-Redistribution TabRedistributing Routes into BGP, 223 BGP Redistribution Mapping Dialog Box 224 225 Eigrp Page-Setup Tab Eigrp Routing Policy226 Eigrp Setup Dialog Box 227 Defining Eigrp Routes, 228 Eigrp Page-Setup Tab, page K-226 Eigrp Page-Interfaces TabEdit Interfaces Dialog Box-EIGRP Passive Interfaces 229 Defining Eigrp Interface Properties, 230 Systems, see Eigrp Setup Dialog Box, page K-227 Eigrp Interface Dialog Box231 Eigrp Page-Redistribution Tab 232 233 Eigrp Redistribution Mapping Dialog Box Redistributing Routes into EIGRP,Page-Redistribution Tab, page K-223 234 235 Ospf Interface Policy 236 237 Defining Ospf Interface Settings, Ospf Interface Dialog BoxOspf Routing on Cisco IOS Routers, 238 239 240 241 Objects, 242 Ospf Process Page-Setup Tab Ospf Process Policy243 Defining Ospf Process Settings, 244 Ospf Setup Dialog Box 245 Ospf Process Page-Setup Tab, page K-243 Edit Interfaces Dialog Box-OSPF Passive Interfaces246 Defining Ospf Area Settings, Ospf Process Page-Area Tab247 Ospf Area Dialog Box 248 Ospf Process Page-Redistribution Tab 249 250 Ospf Redistribution Mapping Dialog Box 251 252 253 Ospf Max Prefix Mapping Dialog Box Ospf Redistribution Mapping Dialog Box, page K-251K-243 254 RIP Page-Setup Tab RIP Routing Policy255 Defining RIP Setup Parameters, An Object Selectors, page F-593256 RIP Page-Authentication Tab Edit Interfaces Dialog Box-RIP Passive Interfaces257 Defining RIP Interface Authentication Settings, RIP Page-Setup Tab, page K-255258 RIP Authentication Dialog Box 259 Redistribution tab. See RIP Page-Setup Tab, page K-255 RIP Page-Redistribution Tab260 RIP Redistribution Mapping Dialog Box Redistributing Routes into RIP,261 262 Static Routing Policy Static Routing on Cisco IOS Routers,263 Static Routing Dialog Box 264 Defining Static Routes, 265 266 267 268