Configuring Rate Limits
DETAILED STEPS
Command or Action
Step 1
configure terminal
Example:
switch# configure terminal
switch(config)#
Step 2
hardware rate-limiter access-list-log {packets | disable}
[module module [port start end]]
Example:
switch(config)# hardware rate-limiter
access-list-log 200
Step 3
hardware rate-limiter bfd packets [module module [port
start end]]
Example:
switch(config)# hardware rate-limiter bfd 500
Step 4
hardware rate-limiter exception packets [module module
[port start end]]
Example:
switch(config)# hardware rate-limiter exception
500
Step 5
hardware rate-limiter fex packets [module module [port
start end]]
Example:
switch(config)# hardware rate-limiter fex 500
Step 6
hardware rate-limiter layer-3 glean packets [module
module [port start end]]
Example:
switch(config)# hardware rate-limiter layer-3
glean 500
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
496
Purpose
Enters global configuration mode.
Configures rate limits in packets per second for packets
copied to the supervisor module for access list logging.
The range is from 0 to 10000.
Configures rate limits in packets per second for
bidirectional forwarding detection (BFD) packets. The
range is from 0 to 10000.
Configures rate limits in packets per second for any
exception traffic in the system that is not classified by the
Control Plane Policing (CoPP) policy. The range is from
0 to 10000.
Configures rate limits in packets per second for
supervisor-bound FEX trafffic. The range is from 0 to
10000.
Configures rate limits in packets per second for Layer 3
glean packets. The range is from 0 to 10000.
A node receiving traffic for a particular destination might
be unable to forward traffic because it is unaware of the
rewrite information or the physical layer interface behind
which the destination resides. During this time, it is
possible to install a glean entry in the data path for that
destination. Because this might not be a pointer to the
global punt adjacency, a reserved module or port value is
used to punt such packets to the supervisor. This glean rate
can be controlled using the given rate limiter.
The CoPP policy controls the rate of glean
Note
packets that are forwarded due to global punt
adjacency, and this rate limiter controls the
destination-specific glean packets.
Configuring Rate Limits