[c-nsp] Rate limiting but on packet count not bandwidth

Tassos Chatzithomaoglou achatz at forthnet.gr
Wed Dec 17 12:52:48 EST 2008

Some platforms support the "police rate x pps" command, but i don't know if this should be 
used for CoPPs exclusively.

"storm-control unicast" should block all unknown unicast, which is probably not what 
Primoz wants (besides the vlan/trunk matter).


Ross Vandegrift wrote on 17/12/2008 18:25:
> On Wed, Dec 17, 2008 at 04:00:56PM +0100, Primoz Jeroncic wrote:
>> Hi guys
>> Does anyone have any idea if rate limiting traffic based on packet
>> count would be possible on Cat3550/3560/3570 or any Cisco router?
>> I would need to limit some users which don't generate much of
>> traffic (only about 5 or 6Mbps), but packet count is huge (30k+ per sec).
>> So is there some option to limit their fraffic to let's say 5000packets/sec
>> regardless on bandwidth they use?
> I've wanted this on Catalyst platforms for a long time, it doesn't
> really exist.  On your platforms, you should be able to apply unicast
> storm-control to control the number of pps on a per-physical port
> basis, but you can't write a QoS policy that can be applied in
> general.  Doesn't seem to be any way to do it on a VLAN.  If you
> enable it on a trunk port, all VLANs will be dropped when one exceeds
> the threshold - probably not what you want.
> Ross

More information about the cisco-nsp mailing list