Configuring Interface-based Traffic Policing
Context
To limit the incoming and outgoing traffic rate on an interface, configure traffic policing on the interface. If the rate of received or sent packets exceeds the rate limit, the device discards excess packets.
Layer 2 VE interfaces can only configure traffic policing on WAN-side interfaces.
V300R019C10 and earlier versions: Only the AR600 series does not support MPLS. V300R019C11 and later versions: Only the AR611W, AR611W-LTE4CN, AR617VW, AR617VW-LTE4EA, AR617VW-LTE4, AR651C, and AR651F-Lite do not support MPLS.
Procedure
- Run system-view
The system view is displayed.
- (Optional) Run qos overhead layer { link | physics }
A mode is specified for calculating packet lengths during traffic policing or traffic shaping.
By default, the system counts the physical-layer and link-layer compensation information in packet lengths during traffic policing or traffic shaping.
- Run interface interface-type interface-number [ .subinterface-number ]
The interface or sub-interface view is displayed.
- The traffic policing configuration commands on LAN and WAN interfaces are different. Run the following commands as required:
- To configure traffic policing on a WAN interface, run the qos car { inbound | outbound } [ acl acl-number | { destination-ip-address | source-ip-address } range start-ip-address to end-ip-address [ per-address ] [ time-range time-range-name ] ] cir cir-value [ pir pir-value ] [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ remark-8021p 8021p-value | remark-dscp dscp-value | remark-mpls-exp exp-value ] } ] [ yellow { discard | pass [ remark-8021p 8021p-value | remark-dscp dscp-value | remark-mpls-exp exp-value ] } ] [ red { discard | pass [ remark-8021p 8021p-value | remark-dscp dscp-value | remark-mpls-exp exp-value ] } ] command.If you do not specify the CBS and PBS when configuring traffic policing on a WAN interface, their values are as follows:
- If the PIR is not set or set to the same value as the CIR, the CBS is 188 times the CIR and the PBS is 313 times the CIR.
- If the PIR is set to a different value from the CIR, the CBS is 125 times the CIR and the PBS is 125 times the PIR.
When the CBS is smaller than the number of bytes in a packet, the device discards packets of this type.
Configure traffic policing on a LAN interface.
Run qos car inbound cir cir-value
Traffic policing is configured for all services on an interface.
Run qos car { inbound | outbound } { acl acl-number | { destination-ip-address | source-ip-address } range start-ip-address to end-ip-address [ per-address ] [ time-range time-range-name ] } cir cir-value [ pir pir-value ] [ cbs cbs-value pbs pbs-value ] [ green { discard | pass [ remark-8021p 8021p-value | remark-dscp dscp-value | remark-mpls-exp exp-value ] } ] [ yellow { discard | pass [ remark-8021p 8021p-value | remark-dscp dscp-value | remark-mpls-exp exp-value ] } ] [ red { discard | pass [ remark-8021p 8021p-value | remark-dscp dscp-value | remark-mpls-exp exp-value ] } ]
Traffic policing is configured on the interface.
On the AR651K, AR651, AR651W, AR657W, AR6120, AR6120-VW, traffic policing can be performed only for traffic matching a specified ACL rule or with the source and destination IP addresses in the specified range.