Restrictions
-
All punted packets are subject to CoPP and punt-policing.
-
The ARP-filter handles the subscriber-side ARP packets. ARP packets are not processed by subscriber-side SBRL.
-
The maximum rate is 255. Due to this, the configured rate of 256 from 16.8.X will not transfer properly. A new command must
be entered to transfer the configuration.
Subscriber-MAC address SBRL identifies traffic streams by hashing the punt cause and the source MAC address. The hash value
is used as the index for rate-limiting. Hash-collision detection is performed so that all traffic streams are processed separately.
Default settings for subscriber-side SBRL are listed in this topic. Using the 'no' configuration returns the rate to the default
value.
Rate-limiting is performed using a 2-color token-bucket algorithm. The rate is specified in packets-per-4-seconds, in the
range [1, 255]. This translates to a packets-per-second rate in the range [0.25, ~64]. The optional bucket-size is specified
in packets, in the range [1, 255]. If not specified, then bucket-size is set equal to rate.
The "no-drop" keyword disables rate-limiting for the specified punt-cause.
There is an optional quarantine configuration. When a traffic stream enters quarantine, all punted packets in the stream are
dropped for the configured period. A traffic stream enters quarantine when (burst-factor x rate) packets arrive at a rate
faster than rate. An example would be that of a faulty cable modem that continuously sends DHCPv6 solicits.
-
DHCPv6 solicits from the faulty cable modem arrive at 100 packets/second, and are all punted.
-
Subscriber-side SBRL is configured with a rate-per-4-sec of 8 (i.e. 2 packets-per-sec), quarantine time of 10 minutes, and
burst-factor of 500 packets.
The traffic stream rate is higher than the configured rate. Therefore, when approximately 1000 (2 x 500) packets have arrived,
the traffic stream enters quarantine. The quarantine happens after about 10 seconds (1000 packets at 100 packets per second),
and all punted packets from the stream are dropped for 10 minutes. After 10 minutes, the quarantine is deactivated. The quarantine
calculations restart immediately, so if the traffic stream remains continuous, quarantine is reactivated after the next 10
seconds.
-
enable
Enables privileged EXEC mode. Enter your password, if prompted.
-
configure terminal
Router# configure terminal
Enters global configuration mode.
-
platform punt-sbrl subscriber punt-cause punt-causerate-per-4-sec rate[ bucket-size bucket-size] [ quarantine-time time burst-factor burst-factor]
Configures subscriber-MAC address SBRL.
-
punt-cause punt-cause - Specifies the punt cause.
-
rate-per-4-sec rate - Specifies the rate in packets per 4-seconds. The range is from 1 to 255.
-
bucket-size bucket-size – Specifies the bucket-size in packets. The range is from 1 to 255. If bucket-size is not entered, the bucket-size is set
equal to the rate.
-
quarantine-time time – Specifies the quarantine time, in minutes. The range is from 1 to 60.
-
burst-factor burst-factor – Specifies the burst-factor, in number of packets. The range is from 50 to 1000.