Brocade Communications Systems 6650 Switch User Manual


 
148 Brocade ICX 6650 Security Configuration Guide
53-1002601-01
Enabling and using ACL statistics
The above command creates an adaptive rate limiting policy that enforces a committed rate of
10000 packets per second with committed provisioning for burst sizes up to 1600 packets above
the CIR limit. This command also enforces a peak rate of 20000 packets per second and allows
bursts of 4000 packets above the PIR limit. If the port receives additional packets during a given
one-second interval, the port drops all packets on the port until the next one-second interval starts.
Syntax: [no] traffic-policy TPD-name rate-limit adaptive cir cir-value cbs cbs-value pir pir-value pbs
pbs-value exceed-action drop
Permitting packets at low priority
The alternative to dropping packets that exceed the rate limit, is to forward them at the lowest
priority.
The following example shows a fixed rate limiting policy with the permit-at-the-lowest-priority action.
Brocade(config)# traffic-policy TPD1 rate-limit fixed 10000 exceed-action
permit-at-low-pri
The above command sets the fragment threshold at 10000 packets per second. If the port
receives more than 10000 packets in any one-second interval, the device forwards the excess
fragments at the lowest priority level.
Syntax: [no] traffic-policy TPD-name rate-limit fixed cir-value exceed-action permit-at-low-pri
The following example shows the permit-at-the-lowest-priority action applied to an adaptive rate
limiting policy.
Brocade(config)# traffic-policy TPDAfour rate-limit adaptive cir 10000 cbs 1600
pir 20000 pbs 4000 exceed-action permit-at-low-pri
The above command creates an adaptive rate limiting policy that enforces a committed rate of
10000 packets per second with committed provisioning for burst sizes up to 1600 packets above
the CIR limit. The above command also enforces a peak rate of 20000 packets per second and
allows bursts of 4000 packets above the PIR limit. If the port receives additional packets during a
given one-second interval, the port forwards excess packets at the lowest priority level until the
next one-second interval starts.
Syntax: [no] traffic-policy TPD-name rate-limit adaptive cir cir-value cbs cbs-value pir pir-value pbs
pbs-value exceed-action permit-at-low-pri
Enabling and using ACL statistics
ACL statistics help administrators discover how an individual traffic policy affects traffic. ACL
statistics are automatically enabled when a traffic policy that specifies a rate limit is applied.
However, you can also create (and apply) a traffic policy that enables ACL statistics without
enforcing any rate limit.
“Enabling ACL statistics” on page 149 explains how to enable ACL statistics without implementing
any rate limit. “Enabling ACL statistics with rate limiting traffic policies” on page 150 explains how
to enable ACL statistics in a traffic policy that specifies a rate limit. “Viewing traffic policies” on
page 152 explains how to view ACL statistics using show commands. “Clearing ACL and rate limit
counters” on page 151 explains how to clear ACL statistic counters.