Filter
Top Products
27-36
Software Configuration Guide—Release 12.2(25)SG
OL-7659-03
Chapter 27 Configuring Quality of Service
Configuring QoS
Configuring User Based Rate Limiting
User Based Rate Limiting (UBRL) adopts microflow policing capability to dynamically learn traffic
flows and rate limit each unique flow to an individual rate. UBRL is available on Supervisor Engine
V-10GE with the built-in NetFlow support. UBRL can be applied to ingress traffic on routed interfaces
with source or destination flow masks. It can support up to 85,000 individual flows and 511 rates. UBRL
is typically used in environments where a per-user, granular rate-limiting mechanism is required; for
example, the per-user outbound traffic rate could differ from the per-user inbound traffic rate.
Note By default, UBRL polices only routed IP traffic. If you want to police switched IP traffic, you must enter
the ip flow ingress layer2-switched command. (See the “Configuring Switched/Bridged IP Flows”
section on page 38-8). You do not need to enter the ip flow ingress command.
A flow is defined as a five-tuple (IP source address, IP destination address, IP head protocol field, Layer
4 source, and destination ports). Flow-based policers enable you to police traffic on a per flow basis.
Because flows are dynamic, they require distinguishing values in the class map.
When you specify the match flow command with the source-address keyword, each flow with a unique
source address is treated as a new flow. When you specify the match flow command with the
destination-address keyword, each flow with a unique destination address is treated as a new flow. If
the class map used by the policy map has any flow options configured, it is treated as a flow-based policy
map. When you specify the match flow command with the
ip destination-address ip protocol L4 source-address L4 destination-address keyword, each flow
with unique IP source, destination, protocol, and Layer 4 source and destination address is treated as a
new flow.
Note Microflow is only supported on Supervisor Engine V-10GE.
To configure the flow-based class maps and policy maps, perform this task:
Examples
Example 1
This example shows how to create a flow-based class map associated with a source address:
Switch(config)# class-map match-all c1
Switch(config-cmap)# match flow ip {source-address [ip destination_address ip protocl L4
source-address L4 destination address]}
Switch(config-cmap)# end
Switch#
Command Purpose
Step 1
Switch(config)# class-map match-all
class_name
Creates a named class map.
Step 2
Switch(config-cmap)# match flow ip {source-address | ip
destination-address ip protocol L4 source-address L4
destination-address | destination-address}
Specifies the key fields of the flow.
Step 3
Switch(config-cmap)# end
Exits class-map configuration mode.
Step 4
Switch# show class-map
class-name
Verifies the configuration.