Dell Networking N4000 Series Configuration Manual page 637

periodic weekdays 07:30 to 18:00
exit
ip access-list redirect-traffic
permit ip any 172.16.1.0 255.255.255.0 redirect te1/0/1 time-range
work-hours
permit every
exit
ip access-group redirect-traffic in 30
Rate Limit WWW Traffic (Diffserv)
This ACL creates a Diffserv policy to rate-limit WWW packets. Limit and
burst values require tuning for local traffic patterns and link speeds. Compare
this to the next example.
class-map match-all rate-limit-control ipv4
match protocol tcp
match srcl4port www
exit
policy-map rate-limit-policy in
class rate-limit-control
police-simple 9216 128 conform-action transmit violate-action drop
exit
exit
interface te1/0/1
service-policy in rate-limit-policy
exit
Rate limit WWW traffic (ACL)
This example creates an ACL to rate-limit WWW traffic ingressing the
switch on te1/0/1. Initial and established values require tuning for local traffic
patterns and link speeds. Note that this ACL applies to traffic sent to the
switch IP address as well as traffic forwarded by the switch (in rule). Permit
rules with a rate-limit parameter do not require a following deny rule as
matching packets exceeding the rate limit are discarded. Compare this with
the example above.
ip access-list rate-limit-www
permit tcp any any eq www flag established rate-limit 9216 128
permit tcp any any eq www rate-limit 1024 64
permit every
exit
637
Configuring Access Control Lists