4-5
the required number of tokens are generated in the token bucket. Thus, traffic rate is restricted to the
rate for generating tokens, thus limiting traffic rate and allowing bursty traffic.
Line rate can only limit the total traffic rate on a physical port, while traffic policing can limit the rate of a
flow on a port. To limit the rate of all the packets on a port, using line rate is easier.
Configuring Traffic Policing
Configuration Procedure
Follow these steps to configure traffic policing:
To do… Use the command… Remarks
Enter system view system-view —
Create a class and enter
class view
traffic classifier tcl-name [ operator
{ and | or } ]
—
Configure the match
criteria
if-match match-criteria —
Exit class view quit —
Create a behavior and
enter behavior view
traffic behavior behavior-name —
Configure a traffic policing
action
car cir committed-information-rate
[ cbs committed-burst-size [ ebs
excess-burst-size ] ] [ pir
peak-information-rate ] [ green action ]
[ red action ] [ yellow action ]
Required
Exit behavior view quit —
Create a policy and enter
policy view
qos policy policy-name —
Associate the class with
the traffic behavior in the
QoS policy
classifier tcl-name behavior
behavior-name
—
Exit policy view quit —
To an interface Applying the QoS policy to an interface —
To online
users
Applying the QoS policy to online
users
—
To a VLAN Applying the QoS policy to a VLAN —
Apply the
QoS
policy
Globally
Applying the QoS policy globally —
Configuration Example
Configure traffic policing on GigabitEthernet 1/0/1 to limit the rate of received HTTP traffic to 512 kbps
and drop the exceeding traffic.
# Enter system view.
<Sysname> system-view
# Configure advanced ACL 3000 to match HTTP traffic.
[Sysname] acl number 3000
To Next Page
Loading...
