Configuration Guide User guide
1776 FastIron Configuration Guide
53-1002494-02
ACL-based rate limiting using traffic policies
Setting the maximum number of traffic policies
supported on a Layer 3 device
NOTE
This configuration is supported on FastIron devices with the exception of the FCX platforms. Setting
the system-max for traffic policies is not required on FCX platforms as the default number of traffic
policies is also the maximum number.
If desired, you can adjust the maximum number of active traffic policies that a Layer 3 device will
support. To do so, enter commands such as the following at the global CONFIG level of the CLI.
Brocade(config)#system-max hw-traffic-conditioner 25
Brocade(config)#write memory
Brocade(config)#reload
NOTE
You must save the configuration and reload the software to place the change into effect.
Syntax: [no] system-max hw-traffic-conditioner <num>
The <num> variable is a value from 0 through n, where 0 disables hardware resources for traffic
policies, and n is a number up to 50. The maximum number you can configure depends on the
configuration and available memory on your device. If the configuration you enter causes the
device to exceed the available memory, the device will reject the configuration and display a
warning message on the console.
NOTE
Brocade does not recommend setting the system maximum for traffic policies to 0 (zero), because
this renders traffic policies ineffective.
ACL-based rate limiting using traffic policies
ACL-based rate limiting provides the facility to limit the rate for IP traffic that matches the permit
conditions in extended IP ACLs. This feature is available in the Layer 2 and Layer 3 code.
To configure ACL-based rate limiting, you create individual traffic policies, and then reference the
traffic policies in one or more ACL entries (also called clauses or statements). The traffic policies
become effective on ports to which the ACLs are bound.
When you configure a traffic policy for rate limiting, the device automatically enables rate limit
counting, similar to the two-rate three-color marker (trTCM) mechanism described in RFC 2698 for
adaptive rate limiting, and the single-rate three-color marker (srTCM) mechanism described in RFC
2697 for fixed rate limiting. This feature counts the number of bytes and trTCM or srTCM
conformance level per packet to which rate limiting traffic policies are applied. Refer to “ACL
statistics and rate limit counting” on page 1782.
You can configure ACL-based rate limiting on the following interface types:
• Physical Ethernet interfaces
• Virtual interfaces
• Trunk ports