Rate Limiting with Legacy Modules on ERS8600

Rate limiting on a legacy module of the ERS8600 is achieved with a set of filters and QoS profiles. In addition, due to the limitations of filters on the ERS8600, this can limit only inbound traffic on a port.

The steps below describe how we can use filters to control inbound traffic from an FTP server.


1. Create a QoS profile and set the traffic limitation: The average rate is accomplished in increments of 64 bytes every 2.5 milliseconds.

ERS-8606:5# config ip traffic-filter create traffic-profile 1
ERS-8606:5# config ip traffic-filter traffic-profile 1 average-rate 1000
ERS-8606:5# config ip traffic-filter traffic-profile 1 discard-out-profile enable
ERS-8606:5# config ip traffic-filter traffic-profile 1 enable true
ERS-8606:5# config ip traffic-filter traffic-profile 1 name "ftp"

2. Create a source filter and bind it to QoS profile 1: Source and destination filters can only filter inter-VLAN routing traffic. If the clients and servers are located in the same VLAN, we should use a global filter instead. The IP address of the FTP server is 20.1.1.240.

ERS-8606:5# config ip traffic-filter create source src-ip 20.1.1.240/255.255.255.255 dst-ip 0.0.0.0/0.0.0.0 id 1
ERS-8606:5# config ip traffic-filter filter 1 action statistic enable
ERS-8606:5# config ip traffic-filter filter 1 action traffic-profile 1

3. Create a filter set and assign it to the port connecting to the FTP server:

ERS-8606:5# config ip traffic-filter set 300 create name "FTP_S"
ERS-8606:5# config ip traffic-filter set 300 add-filter 1

Actually, I don’t like the rate limiting filters of the ERS8600 because it’s so difficult to calculate an accurate traffic rate that we would like to control. Fortunately, the R and RS modules come with a new ACL concept with which we can easily implement rate limiting on the ERS8600.
