FastIron Configuration Guide 1781
53-1002494-02
ACL-based rate limiting using traffic policies
Inspecting the 802.1p bit in the ACL for adaptive rate limiting
NOTE
This feature is supported on FastIron X Series IPv6 devices and Brocade FCX Series devices only. It
is not supported on FastIron WS Series devices.
You can configure the Brocade device to rate limit traffic for a specified 802.1p priority value. To do
so, complete the following configuration steps.
1. Create an adaptive rate limiting traffic policy. Enter a command such as the following:
Brocade(config)#traffic-policy adap rate-limit adaptive cir 1000 cbs 1000 pir 2000 pbs 10000 exceed-action drop
2. Create an IPv4 extended ACL or IPv6 ACL that includes the traffic policy and 802.1p priority
matching value. Enter a command such as the following:
Brocade(config)#access-list 136 permit ip any any 802.1p-priority matching 3 traffic-policy adap
3. Bind the ACL to an interface. Enter commands such as the following:
Brocade(config)#interface ethernet 7
Brocade(config-if-e7)#ip access-group 136 in
Brocade(config-if-e7)#exit
Use the show access-list accounting command to view accounting statistics. For more information,
refer to Viewing ACL and rate limit counters on page 1784.
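The three steps above depend on each other: the ACL names a traffic policy, and the interface names the ACL. The following Python check is an added example, not part of the Brocade guide; it audits a saved configuration for broken links in that chain. The function name audit, ACL 137, and the policy name voice are constructed for illustration, and only the command forms shown in this section are parsed.

```python
import re

# Constructed sample: the three commands from the steps above, plus one
# deliberately broken ACL (undefined policy, invalid priority, never bound).
SAMPLE = """\
Brocade(config)#traffic-policy adap rate-limit adaptive cir 1000 cbs 1000 pir 2000 pbs 10000 exceed-action drop
Brocade(config)#access-list 136 permit ip any any 802.1p-priority matching 3 traffic-policy adap
Brocade(config)#access-list 137 permit ip any any 802.1p-priority matching 9 traffic-policy voice
Brocade(config)#interface ethernet 7
Brocade(config-if-e7)#ip access-group 136 in
Brocade(config-if-e7)#exit
"""

PROMPT = re.compile(r"^\S*\(config[^)]*\)#")  # strips a pasted CLI prompt
POLICY = re.compile(r"^traffic-policy (\S+) rate-limit (?:fixed|adaptive)\b")
ACL = re.compile(r"^access-list (\d+) .*\btraffic-policy (\S+)$")
PRIORITY = re.compile(r"\b802\.1p-priority matching (\d+)\b")
BIND = re.compile(r"^ip access-group (\d+) in$")


def audit(config):
    """Return sorted findings for the policy -> ACL -> interface chain."""
    policies, acls, bound, findings = set(), [], set(), set()
    for raw in config.splitlines():
        line = PROMPT.sub("", raw.strip()).strip()
        if m := POLICY.match(line):
            policies.add(m.group(1))
        elif m := ACL.match(line):
            acls.append((m.group(1), m.group(2)))
            p = PRIORITY.search(line)
            # The 802.1p priority is a 3-bit field, so valid values are 0-7.
            if p and int(p.group(1)) > 7:
                findings.add(f"ACL {m.group(1)}: 802.1p priority {p.group(1)} is outside 0-7")
        elif m := BIND.match(line):
            bound.add(m.group(1))
    for acl, policy in acls:
        if policy not in policies:
            findings.add(f"ACL {acl}: traffic policy '{policy}' is not defined")
        if acl not in bound:
            findings.add(f"ACL {acl}: not bound to any interface")
    return sorted(findings)


if __name__ == "__main__":
    for finding in audit(SAMPLE):
        print(finding)
```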
Specifying the action to be taken for packets that are over the limit
You can specify the action to be taken when packets exceed the configured CIR value for fixed rate
limiting, or the CIR, CBS, PIR, and PBS values for adaptive rate limiting. You can specify one of the
following actions:
Drop packets that exceed the limit.
Permit packets that exceed the limit and forward them at the lowest priority level.
Dropping packets that exceed the limit
This section shows some example configurations and provides the CLI syntax for configuring a port
to drop packets that exceed the configured limits for rate limiting.
The following example shows a fixed rate limiting configuration.
Brocade(config)#traffic-policy TPD1 rate-limit fixed 10000 exceed-action drop
The command sets the fragment threshold at 10,000 packet fragments per second. If the port
receives more than 10,000 packet fragments in a one-second interval, the device drops the excess
fragments.
Syntax: [no] traffic-policy <TPD name> rate-limit fixed <cir value> exceed-action drop
The following example shows an adaptive rate limiting configuration.