Ask the Expert

How does User-based Rate Limiting (UBRL) do if I have oversubscribed a port or switch?

If a port or switch is oversubscribed, what does User-based Rate Limiting (UBRL) do? Does Weighted Fair Queuing come into play? How do I configure for this scenario, assuming I have the correct Supervisor Engine/Netflow combination?

    Requires Free Membership to View

UBRL is a form of Micro-Flow policing, allowing the administrator to rate limit traffic flows. Unlike a normal Micro-Flow policer, it allows a policer to be applied to all traffic to or from a specific user. The Micro-Flow policer differs in that it applies a rate-limiting policy on a per-flow basis. Whereas the aggregate policer limits the total amount of traffic entering that VLAN, the same Micro-Flow policer would only limit each flow to the stated rate. If a Micro-Flow policer were applied to the same VLAN enforcing a policing rule of 2 Mb, then no one flow entering any port in that VLAN could exceed 2 Mb. It is worth noting that although a Micro-Flow policer limits traffic for specific flows, it does not limit the number of flows that can be active in that VLAN.

To configure it you would use a similar method of a Micro-Flow policer. You would define an ACL for classification and refer that ACL in a class map. Then you create a policy map with the policer included. Within the policy map will be a policer statement. Normally, a Micro-Flow policer is identified by the use of the keyword flow. UBRL uses this keyword, but it also uses a flow mask keyword to set the flow mask required for this operation.

Example below tries to rate-limit traffic to 1Mb.

config)# access-list 10 permit ip host any
config)# class-map find-testtraffic
config-cmap)# match access-group 10
config)# policy-map police-testtraffic
config-pmap)# class find-testtraffic
config-pmap-c)# police flow mask src-only 1000000 5000 conform-action transmit exceed action drop
config-pmap-c)# interface gig3/1
config-if)# service-policy input police-testtraffic

This was first published in March 2010

There are Comments. Add yours.

TIP: Want to include a code block in your comment? Use <pre> or <code> tags around the desired text. Ex: <code>insert code</code>

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy
Sort by: OldestNewest

Forgot Password?

No problem! Submit your e-mail address below. We'll send you an email containing your password.

Your password has been sent to: