Filter
Top Products
Advanced Configuration and Management Guide
The rate policy rules are for three TCP/UDP applications: HTTP (web), FTP, and DNS. The fourth rule is for all
other Ethernet traffic (traffic that is not for one of the three applications). The device applies rate policy rules in the
order in which you apply them to an interface. In this case, the rules are applied in the following order:
• Inbound TCP traffic
• Inbound FTP traffic
• Outbound DNS traffic
• All other inbound Ethernet traffic
Notice that each rule is associated with a traffic direction. You can apply a given rate policy rule to traffic received
on an interface, sent on an interface, or both.
For each rule, the device counts the bytes that apply to the rule during each Committed Time Interval (time
interval, which can be from 1/10th second up to one second). The device takes the conform action, which is
action specified by the rule for Normal Burst Size, so long as the number of bytes for the traffic is within the Normal
Burst Size value. Once the number of bytes exceeds the Normal Burst Size and thus enters the Excess Burst
Size, the device takes the exceed action.
“How Adaptive Rate Limiting Works” on page 4-10 describes how the
byte counters for the Normal Burst Size and Excess Burst Size are incremented.
Each rule incudes one of the following actions depending on whether the traffic is conforming with the Normal
Burst Size or has exceeded the Normal Burst Size:
• Forward the traffic
• Drop the traffic
• Change the IP precedence or Diffserv control point and forward the traffic
• Change the IP precedence or Diffserv control point, then continue comparing the traffic to the rate policy rules
• Continue comparing the traffic to the rate policy rules without changing the IP precedence or Diffserv control
point
In Figure 4.2, all of the policies set the IP precedence to 5 (critical) for in traffic that conforms to the Normal Burst
Size. In other words, for all packets up to the maximum number of bytes specified by the Normal Burst Size, the
device sets the precedence in each packet to 5.
The policies take different actions for traffic in the Excess Burst Size. Some policies set the precedence and
forward the traffic while other policies drop the traffic. In Figure 4.2, the rule for HTTP traffic sets the precedence
to zero (routine) for traffic in the Excess Burst Size. The other policies drop the traffic.
In all cases, after the maximum number of bytes for the Normal Burst Interval and the Excess Burst Size match a
given rule, the software drops additional bytes that match the rule until the burst size counters are reset.
4 - 6