Step 1 |
configure terminal
switch# configure terminal
switch(config)#
|
Enters global
configuration mode.
|
Step 2 |
hardware rate-limiter
access-list-log
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter access-list-log 200
|
Configures rate
limits in packets per second for packets copied to the supervisor module for
access list logging. The range is from 0 to 30000.
|
Step 3 |
hardware rate-limiter
copy
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter copy 30000
|
Configures rate
limits in packets per second for data and control packets copied to the
supervisor module. The range is from 0 to 30000.
Note
|
Layer 3
control, multicast direct-connect, and ARP request packets are controlled by
the Layer 2 copy rate limiter. The first two types of packets are also
controlled by Layer 3 rate limiters, and the last two types are also subject to
control plane policing (CoPP).
|
|
Step 4 |
hardware rate-limiter
f1 {rl-1 |
rl-2 |
rl-3 |
rl-4 |
rl-5 {packets |
disable } } [module
module
[port
start
end]]
switch(config)# hardware rate-limiter f1 rl-1 1000
|
Configures rate
limits in packets per second for F1 Series module packets. The range is from 0
to 30000.
Note
|
The
f1 {rl-1 |
rl-2 |
rl-3 |
rl-4 |
rl-5 } rate
limiters are the only rate limiters that are supported on F1 Series modules.
The other rate limiters are applicable only to the
and M1 Series modules.
|
|
Step 5 |
hardware rate-limiter layer-2
l2pt
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-2 l2pt 30000
|
Configures
rate limits in packets per second for Layer 2 tunnel protocol packets. The
range is from 0 to 30000.
|
Step 6 |
hardware rate-limiter
layer-2 mcast-snooping
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-2 mcast-snooping 20000
|
Configures
rate limits in packets per second for Layer 2 multicast-snooping packets. The
range is from 0 to 30000.
|
Step 7 |
hardware rate-limiter
layer-2 port-security
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-2 port-security 100000
|
Configures
rate limits in packets per second for port-security packets. The range is from
0 to 30000.
|
Step 8 |
hardware rate-limiter
layer-2 storm-control
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-2 storm-control 10000
|
Configures
rate limits in packets per second for broadcast, multicast, and unknown unicast
storm-control traffic. The range is from 0 to 30000.
|
Step 9 |
hardware rate-limiter
layer-2 vpc-low
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-2 vpc-low 10000
|
Configures
rate limits in packets per second for Layer 2 control packets over the VPC low
queue. The range is from 0 to 30000.
|
Step 10 |
hardware rate-limiter
layer-3 control
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-3 control 20000
|
Configures
rate limits in packets per second for Layer 3 control packets. The range is
from 0 to 30000.
|
Step 11 |
hardware rate-limiter
layer-3 glean
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-3 glean 200
|
Configures
rate limits in packets per second for Layer 3 glean packets. The range is from
0 to 30000.
|
Step 12 |
hardware rate-limiter
layer-3 mtu
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-3 mtu 1000
|
Configures
rate limits in packets per second for Layer 3 MTU failure redirected packets.
The range is from 0 to 30000.
|
Step 13 |
hardware rate-limiter
layer-3 multicast
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-3 multicast 20000
|
Configures
rate limits in packets per second for Layer 3 multicast packets in packets per
second. The range is from 0 to 30000.
|
Step 14 |
hardware rate-limiter
layer-3 ttl
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter layer-3 ttl 1000
|
Configures
rate limits in packets per second for Layer 3 failed Time-to-Live redirected
packets. The range is from 0 to 30000.
|
Step 15 |
hardware rate-limiter
receive
{packets |
disable } [module
module [port
start
end]]
switch(config)# hardware rate-limiter receive 40000
|
Configures
rate limits in packets per second for packets redirected to the supervisor
module. The range is from 0 to 30000.
|
Step 16 |
exit
switch(config)# exit
switch#
|
Exits global
configuration mode.
|
Step 17 |
(Optional)
show hardware
rate-limiter [access-list-log |
copy
|
f1 {rl-1 |
rl-2 |
rl-3 |
rl-4 |
rl-5 } |
layer-2 {l2pt |
mcast-snooping |
port-security |
storm-control |
vpc-low } |
layer-3 {control |
glean |
mtu |
multicast |
ttl }
|
module
module |
receive ]
switch# show hardware rate-limiter
|
(Optional)
Displays the
rate limit configuration.
|
Step 18 |
(Optional)
copy running-config
startup-config
switch# copy running-config startup-config
|
(Optional)
Copies the
running configuration to the startup configuration.
|