Leaflet

OL-11615-01
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/122sx/cmdref/m1.htm#wp1502440
Configuring Hardware-Based Rate Limiters in Catalyst OS
The following list shows the hardware-based rate limiters available on Catalyst 6500 Series switches
running Catalyst OS:
ACL Bridge Packets
The ACL Feature (ARP Inspection, DHCP Snooping, 802.1x)
VACL Log
Layer 2 Port Security
Layer 2 PDU
Layer 2 Protocol Tunneling
Multicast IGMP
ACL Bridge Packets
This rate limiter limits the number of packets sent to the route processor CPU for ACL bridge results.
Examples of ACL-bridged packets include packets that hit the log keyword and packets that require special
ACL features.
This rate limiter is disabled by default. To enable and set the ACL-bridged rate limiter, use the set acllog
ratelimit command.
Console> (enable) set acllog ratelimit rate
After entering the set acllog ratelimit command, you must either reset the route processor or perform a
shut/no shut on the route processor interfaces that have ACEs with the log keyword applied. The reset
or shut/no shut action causes the bridged ACEs to be redirected to the route processor with rate limiting.
If the number of packets per second is greater than the rate that you specify, the packets that exceed the
specified rate are dropped. A rate value of 500 is recommended.
This example shows how to enable ACL logging and to specify a rate of 500 for rate limiting:
Console> (enable) set acllog ratelimit 500
If the ACLs-LOG were already applied, the rate limit mechanism will be effective on system
restart, or after shut/no shut the interface.
Console> (enable)
For more information on the set acllog ratelimit command, refer to the following URL:
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat6000/sw_8_5/cmd_ref/ses_sete.htm#wp1121288
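Because this rate limiter is disabled by default, a saved configuration that lacks the command leaves ACL-bridged traffic to the route processor unlimited. The following audit script is an added example, not Cisco code: it checks saved Catalyst OS configurations for the set acllog ratelimit command and compares the rate with the recommended 500. The switch names, the sample configuration text, and the treatment of lines starting with # or ! as comments are assumptions.

```python
import re

# Value this page recommends for "set acllog ratelimit".
RECOMMENDED_RATE = 500

# Matches the command as the page shows it; the rate is in packets per second.
_CMD = re.compile(r"^set\s+acllog\s+ratelimit\s+(\d+)$", re.IGNORECASE)


def acllog_rate(config_text):
    """Return the configured rate as an int, or None if the command is absent."""
    rate = None
    for line in config_text.splitlines():
        stripped = line.strip()
        # Skip blank lines and comment lines ('#' and '!' are assumed markers).
        if not stripped or stripped[0] in "#!":
            continue
        match = _CMD.match(stripped)
        if match:
            rate = int(match.group(1))  # the last occurrence wins
    return rate


def audit(configs):
    """Map switch name -> (status, detail) for a dict of name -> config text."""
    report = {}
    for name, text in configs.items():
        rate = acllog_rate(text)
        if rate is None:
            report[name] = ("disabled", "command absent; limiter is off by default")
        elif rate == RECOMMENDED_RATE:
            report[name] = ("ok", f"rate {rate} matches the recommended value")
        else:
            report[name] = ("review", f"rate {rate} differs from recommended {RECOMMENDED_RATE}")
    return report


# Constructed sample configurations (hypothetical switches, not real captures).
SAMPLE_CONFIGS = {
    "dist-sw1": "set system name dist-sw1\nset acllog ratelimit 500\n",
    "dist-sw2": "set system name dist-sw2\nset vlan 10 name users\n",
    "dist-sw3": "# set acllog ratelimit 500\nset acllog ratelimit 2000\n",
}

if __name__ == "__main__":
    for switch, (status, detail) in sorted(audit(SAMPLE_CONFIGS).items()):
        print(f"{switch}: {status} - {detail}")
```

A switch reported as "ok" still needs the route processor reset or the shut/no shut described above if the command was entered after the logging ACEs were applied; the configuration text alone cannot show that.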
The ACL Feature (ARP Inspection, DHCP Snooping, 802.1x)
The ACL feature rate limiter controls the rate at which packets are sent to the supervisor engine for
processing by the ARP inspection, DHCP snooping, and 802.1X DHCP features.
Note: The rate limit is available on the PFC2 or later.