C
OMMAND
L
INE
I
NTERFACE
4-292
police
This command defines an policer for classified traffic. Use the no form to
remove a policer.
Syntax
[no] police rate-kbps burst-byte [exceed-action {drop | set}]
• rate-kbps - Rate in kilobits per second. (Range: 1-100000 kbps or
maximum port speed, whichever is lower)
• burst-byte - Burst in bytes. (Range: 64-1522 bytes)
• drop - Drop packet when specified rate or burst are exceeded.
• set - Set DSCP service to the specified value. (Range: 0-63)
Default Setting
Drop out-of-profile packets.
Command Mode
Policy Map Class Configuration
Command Usage
• You can configure up to 63 policers (i.e., class maps) for Fast Ethernet
and Gigabit Ethernet ingress ports, and up to 225 policers for 10G
Ethernet ingress ports.
• Policing is based on a token bucket, where bucket depth (i.e., the
maximum burst before the bucket overflows) is by specified the burst-byte
field, and the average rate tokens are removed from the bucket is by
specified by the rate-bps option.
Example
This example creates a policy called “rd_policy,” uses the class command to
specify the previously defined “rd_class,” uses the set command to classify
the service that incoming packets will receive, and then uses the police
command to limit the average bandwidth to 100,000 Kbps, the burst rate to
1522 bytes, and configure the response to drop any violating packets.
Console(config)#policy-map rd_policy
Console(config-pmap)#class rd_class
Console(config-pmap-c)#set ip dscp 3
Console(config-pmap-c)#police 100000 1522 exceed-action drop
Console(config-pmap-c)#