Advanced Configuration and Management Guide
NOTE: To characterize the traffic, configure ACLs. You can use ACLs for rate policy rules applied to IP interfaces or to virtual interfaces, but not for rate policy rules applied directly to
•Specify how much bandwidth you want to allow the traffic for normal service, and whether you want the device to change the precedence for the traffic before forwarding it.
•For bandwidth above the normal service, specify the action you want the device to take. For example, you can configure the device to drop all traffic that exceeds the normal bandwidth allocation, or change the traffic’s precedence or Diffserv control point, and so on.
•Apply the traffic characterization, the bandwidth limits, and the actions to incoming or outgoing traffic on a specific IP interface, virtual interface, or
Characterizing the Traffic
You can use the following types of ACLs to characterize traffic. When you configure a rate policy rule on an interface, you can refer to the ACLs. In this case, the rate policy rule applies to the traffic that matches the ACLs.
•Standard IP ACL – Matches packets based on source IP address.
•Extended IP ACL – Matches packets based on source and destination IP address and also based on IP protocol information. If you specify the TCP or UDP IP protocol, you also match packets based on source or destination TCP or UDP application port.
•Rate limit ACL – Matches packets based on source MAC address, IP precedence or Diffserv control points, or a set of IP precedence values.
You can configure a rate policy rule without using an ACL. In this case, the rule applies to all types of Ethernet traffic. In fact, you cannot use ACLs in a rate policy rule you apply to a
To configure the ACLs used by the rate policy in Figure 4.2 on page
HP9300(config)#
HP9300(config)#
HP9300(config)#
These ACLs match on all Ethernet packets whose TCP application port is HTTP, FTP, or DNS.
To configure the rate limit ACL used in Figure 4.3 on page
HP9300(config)#
The configuration in Figure 4.4 on page
Here is the syntax for standard ACLs.
Syntax: [no]
or
Syntax: [no]
Syntax: [no]
Syntax: [no]
NOTE: The deny option is not applicable to rate limiting. Always specify permit when configuring an ACL for use in a rate limiting rule.
Here is the syntax for extended ACLs.
Syntax:
4 - 14