Filter
Top Products
Riverstone Networks RS Switch Router User Guide Release 8.0 31-1
31 SERVICE CONFIGURATION
The
service
facility is used to configure rate limiting. It has been designed to reduce the amount of work it takes
to configure a large number of things that require the same configuration. The
service
facility reduces the
complexity of configuring rate limiting on the RS.
This facility can be applied across a variety of network configurations such as an individual flow or an aggregate
of flows. Additionally, it can be used to configure committed access rates and burst rates. See 31.2.4 "Burst-Safe
Rate Limiting Service" for more information about committed access rates and burst rates.
The
service
facility is applied using a feature called Multi Field Classifier (MF Classifier). An MF Classifier is
a mechanism for classifying traffic based on the fields of an IP packet. The MF Classifier retrieves the TCP/UDP
source socket number from a packet and uses this information when applying the service. See 31.3.2 "Applying
Services Using the MF-Classifier Command" for information about MF Classifiers.
The advantages of the
service
commands are:
•
Less commands are used when configuring a rate limit.
•
One service can be applied to one, many, or an unlimited number of interfaces and/or ports using
the MF Classifier.
•
ACLs do not need be defined when using
service
rate limiting.
To illustrate the advantages two examples follow. In the first, an ACL named acl1 is created. Then an aggregate
rate limit of 2 million packets that uses acl1 is created. The name of the rate limit is test1. Finally the rate limit is
applied to interface test2. In the second example, the service test1 is created with a flow-aggregate rate limit of 2
million packets. Then it is applied to interface test2. The examples show that a service is created using less
commands and no ACLs. The section 31.6.1 "Applying a Service to Multiple Servers" shows how one service is
applied to one, many, or an unlimited number of interfaces and/or ports.
Here is the example of the
acl
and
rate-limit
commands required to configure rate limiting:
Here is the example of the
service
commands required to configure rate limiting:
! Create a rate limit
rs(config)# acl acl1 permit ip 10.50.1.0/24 any
rs(config)# rate-limit test1 aggregate acl acl1 rate 2000000 drop-packets
rs(config)# rate-limit test1 apply interface test2
! Create a service with an MF Classifier
rs(config)# service test1l create rate-limit flow-aggregate rate 2000000
exceed-action drop-packets distribute-among 4
rs(config)# service test1 apply rate-limit mf-classifier interface test2
source-addr-mask 10.9.1.3/24