Licensing Requirements For Rate Limits; Guidelines And Limitations For Rate Limits - Cisco Nexus 9000 Series Configuration Manual
Nx-os security configuration guide, release 9.x
Hide thumbs
Also See for Nexus 9000 Series:
- Configuration manual (276 pages) ,
- Troubleshooting manual (126 pages) ,
- Quick start configuration manual (6 pages)
Table of Contents
Advertisement
Licensing Requirements for Rate Limits
Licensing Requirements for Rate Limits
The following table shows the licensing requirements for this feature:
Product
Cisco
NX-OS
Guidelines and Limitations for Rate Limits
Rate limits has the following configuration guidelines and limitations:
• You can set rate limits for supervisor-bound exception and redirected traffic. Use control plane policing
• You can configure a hardware rate-limiter to show statistics for outbound traffic on SPAN egress ports.
• The rate-limiter on egress ports is limited per pipe on the Cisco Nexus 9300 and 9500 Series switches;
• Cisco Nexus 9300 and 9500 Series switches; Cisco Nexus 3164Q and 31128PQ switches; and the Cisco
• Cisco Nexus 9200 and 9300-EX Series switches; and the N9K-X9736C-EX, N9K-97160YC-EX,
•
• For Cisco Nexus 92160YC-X, 92304QC, 9272Q, 9232C, 92300YC, 9348GC-FXP, 93108TC-FX,
Cisco Nexus 9000 Series NX-OS Security Configuration Guide, Release 9.x
494
License Requirement
No license is required for rate limits. Any feature not included in a license package is bundled
with the nx-os image and is provided at no extra charge to you. For an explanation of the
Cisco NX-OS licensing scheme, see the Cisco NX-OS Licensing Guide.
(CoPP) for other types of supervisor-bound traffic.
Note
Hardware rate-limiters protect the supervisor CPU from excessive inbound traffic.
The traffic rate allowed by the hardware rate-limiters is configured globally and
applied to each individual I/O module. The resulting allowed rate depends on the
number of I/O modules in the system. CoPP provides more granular supervisor
CPU protection by utilizing the modular quality-of-service CLI (MQC).
This rate-limiter is supported on all Cisco Nexus 9000, 9300, and 9500 Series switches, and the Cisco
Nexus 3164Q, 31128PQ, 3232C, and 3264Q switches.
Cisco Nexus 3164Q and 31128PQ switches; and the Cisco Nexus 3232C and 3264Q switches. The
rate-limiter on egress ports is limited per slice on the Cisco Nexus Cisco Nexus 9200 and 9300-EX Series
switches.
Nexus 3232C and 3264Q switches, support both local and ERSPAN. However, the rate-limiter only
applies to ERSPAN. You must configure e-racl ACL TCAM region to enable the rate-limiter on these
switches. (For more information, see the
NX-OS Security Configuration Guide.)
N9K-X9732C-EX, N9K-X9732C-EXM line cards, the SPAN egress rate-limiter applies to both ERSPAN
and local SPAN. You do not require special TCAM carving to use the rate-limiter on these devices.
93180YC-FX ToR switches; Cisco Nexus 3232C and 3264Q switches, you should not configure both
sFlow and ERSPAN.
ACL TCAM Regions
section in the Cisco Nexus 9000 Series
Configuring Rate Limits
- Quick Links:
- Radius and Tacacs+ Security Protocols
Hide quick links:
Advertisement
Table of Contents
