Filter
Top Products
Port Traffic Controls
Rate-Limiting
Rate-Limiting
Feature Default Menu CLI Web
rate-limit all none n/a page 13-5 n/a
show rate-limit all n/a n/a page 13-6 n/a
rate-limit icmp none n/a page 13-13 n/a
show rate-limit icmp n/a n/a page 13-14 n/a
All Traffic Rate-Limiting
Rate-limiting for all traffic operates on a per-port basis to allow only the
specified bandwidth to be used for inbound or outbound traffic. When traffic
exceeds the configured limit, it is dropped. This effectively sets a usage level
on a given port, and is a tool for enforcing maximum service level commit-
ments granted to network users. This feature operates on a per-port level and
is not configurable on port trunks. Note that rate-limiting is designed to be
applied at the network edge to limit traffic from non-critical users or to enforce
service agreements such as those offered by Internet Service Providers (ISPs)
to provide only the bandwidth for which a customer has paid.
Note Rate-limiting also can be applied by a RADIUS server during an authentication
client session. For further details, refer to the chapter titled “RADIUS Authen-
tication and Accounting” in the Access Security Guide for your switch.
Caution Rate-limiting is intended for use on edge ports in a network. It is not
recommended for use on links to other switches, routers, or servers
within a network, or for use in the network core. Doing so can
interfere with applications the network requires to function properly.
Note The switches covered in this guide also support ICMP rate-limiting to mitigate
the effects of certain ICMP-based attacks. For more information, refer to
“ICMP Rate-Limiting” on page 13-10.
13-4