How to Define Rate Limits

Policy Manager allows you to create and define rate limits as components of a class of service. Rate limits are used to control the transmit rate at which traffic enters and exits ports in your network.

Policy Manager uses role-based rate limits that are tied directly to roles and rules, and are written to a device when the role/rule is enforced.

  Note: Policy Manager also supports priority-based rate limits for use with legacy devices. See How to Configure How to Define Priority-Based Rate Limits for more information. Refer to the NetSight Firmware Support tables to determine which type of rate limit a specific device/firmware supports.

Instructions on:

Defining Rate Limits

Rate limits are defined within a class of service and associated with a specific role via a rule action or as a role default. When role-based rate limits are implemented, all traffic on the port that matches the rule with the associated rate limit cannot exceed the configured limit. If the rate exceeds the configured limit, frames are dropped until the rate falls below the limit.

The rate limit will remain on the port only as long as the role using the rate limit is active on the port either as the authenticated role or as the port's default role.

You can create a rate limit at the same time that you assign a rate limit to a CoS for a specific port group.

  1. Open the Class of Service Configuration window (available from the Policy Manager Edit menu).
  2. In the table, select the desired CoS and then double-click on that row under an Inbound RL port group (the Default group or a group you created) to display a drop-down menu. Select Create to open the Create Rate Limit/Shaper window.
  3. Fill out the Create Rate Limit/Shaper window:
    1. Specify the desired rate limit.
    2. Select the action you would like performed if the rate limit is exceeded:
      • Generate System Log on Rate Violation - a syslog message is generated when the rate limit is first exceeded.
      • Generate Audit Trap on Rate Violation - an audit trap is generated when the rate limit is first exceeded.
      • Disable Port on Rate Violation - the port is disabled when the rate limit is first exceeded.
       NOTE:N-Series Gold devices do not support rate limit notification.
    3. Click OK.

    The rate limit will appear in the CoS Configuration table mapped to the CoS.

Role-based rate limits are written to your devices when you enforce the role that includes them.

Removing a Rate Limit

Rate limits remain on a port only as long as the role using the rate limit is active on the port either as the authenticated role or as the port's default role. To remove a rate limit, you must delete it from Policy Manager and then enforce. This will remove the rate limit from any roles it was associated with.

  1. Open the Class of Service Configuration window (available from the Policy Manager Edit menu).
  2. In the table, double-click on the rate you want to remove.
  3. Select Edit/Delete Rates/Actions from the drop-down menu.
  4. In the Edit Rate Limit/Shaper(s) window select the Delete this Rate Limit/Shaper checkbox and click OK.
  5. Enforce.
  NOTE: If you simply select None from the drop-down menu, it will un-map the rate from the class of service but it will not remove the rate limit.

Related Information

For information on related concepts:

For information on related tasks:

For information on related windows:

top