IP Addresses and Services Configuration Guide for Cisco ASR 9000 Series Routers, IOS XR Release 6.9.x

Release	Modification
Release 7.3.2	Monitor LPTS host path drops via YANG data model was introduced.
Release 5.3.2	NP LPTS Based Policer was introduced.
Release 3.9.0	LPTS was introduced.

Prerequisites for Implementing LPTS

The following prerequisites are required to implement LPTS:

You must be in a user group associated with a task group that includes the proper task IDs. The command reference guides include the task IDs required for each command. If you suspect user group assignment is preventing you from using a command, contact your AAA administrator for assistance.

Information About Implementing LPTS

To implement LPTS features mentioned in this document you must understand the following concepts:

LPTS Overview

LPTS uses two components to accomplish this task: the port arbitrator and flow managers. The port arbitrator and flow managers are processes that maintain the tables that describe packet flows for a logical router, known as the Internal Forwarding Information Base (IFIB). The IFIB is used to route received packets to the correct Route Processor or line card for processing.

LPTS interfaces internally with all applications that receive packets from outside the router. LPTS functions without any need for customer configuration. However, LPTS show commands are provided that allow customers to monitor the activity and performance of LPTS flow managers and the port arbitrator.

LPTS Policers

In Cisco IOS XR, the control packets, which are destined to the Route Processor (RP), are policed using a set of ingress policers in the incoming line cards. These policers are programmed statically during bootup by LPTS components. The policers are applied based on the flow type of the incoming control traffic. The flow type is determined by looking at the packet headers. The policer rates for these static ingress policers are defined in a configuration file, which are programmed on the line card during bootup.

You can change the policer values based on the flow types of these set of ingress policers. You are able to configure the rate per policer per node (locally) and globally using the command-line interface (CLI); therefore, overwriting the static policer values.

Note

If two different ACLs with same ACEs are applied to an LPTS Policer, only the first ACL applied takes effect. When the first ACL is removed, the second ACL does not take effect on the LPTS Policer. If you want the second ACL to take effect on the LPTS Policer, reconfigure it on the LPTS Policer.

IP TOS Precedence

By default, router allows all packets into the network. The IP table of service (TOS) precedence feature allows you to classify packets by IP precedence value. The IP precedence value can be configured for every flow. Once configured for a flow type, only packets that match the defined IP precedence value are allowed, and others are rejected.

The precedence value can either be a number or name. This table lists configurable precedence values:

Table 1. Precedence Values
Precedence Number	Precedence Name	Description
0	routine	Matches packets with routine precedence.
1	priority	Matches packets with priority precedence.
2	immediate	Matches packets with immediate precedence.
3	flash	Matches packets with flash precedence.
4	flash-override	Matches packets with flash override precedence.
5	critical	Matches packets with critical precedence.
6	internet	Matches packets with internetwork control precedence.
7	network	Matches packets with network control precedence.

ACL Based Policer

ACL based policer is a session based policer that provides secure network access based on session.

Note

The ACL based policer feature is supported only on ASR 9000 Enhanced Ethernet Line Cards and ASR 9000 3rd Generation Line Cards.
When multiple ACLs are configured for an LPTS policier, only the first ACL details are displayed in the LPTS statistics command output.

Benefits

These are the benefits of ACL based policer:

Rate limit incoming packets based on session.
Modify policer rate depending on traffic load.
Block entire traffic based on a specific session without impacting other sessions with same flow.

Configuring LPTS Policers

This task allows you to configure the LPTS policers.

SUMMARY STEPS

configure
lpts pifib hardware police [location node-id]
flow flow_type {rate rate}
commit
show lpts pifib hardware police [location {all | node_id}]

DETAILED STEPS

Command or Action Purpose

Step 1

configure

Step 2

lpts pifib hardware police [location node-id]

Example:


RP/0/RSP0/CPU0:router(config)# lpts pifib hardware police location 0/2/CPU0
RP/0/RSP0/CPU0:router(config-pifib-policer-per-node)#


RP/0/RSP0/CPU0:router(config)# lpts pifib hardware police
RP/0/RSP0/CPU0:router(config-pifib-policer-global)#

Configures the ingress policers and enters pifib policer global configuration mode or pifib policer per node configuration mode.

The example shows pifib policer per node configuration mode and global.

Step 3

flow flow_type {rate rate}

Example:


RP/0/RSP0/CPU0:router(config-pifib-policer-per-node)# flow ospf unicast default rate 20000

Configures the policer for the LPTS flow type. The example shows how to configure the policer for the ospf flow type.

Use the flow_type argument to select the applicable flow type. For information about the flow types, see IP Addresses and Services Command Reference for Cisco ASR 9000 Series Routers.

Use the rate keyword to specify the rate in packets per seconds (PPS). The range is from 0 to 4294967295.

Note

LPTS policy for ntp-default flow type, supports a flow rate of 100 pps on Cisco ASR 9000 Series Router.

Starting with Cisco IOS XR Release 6.1.3, LPTS policy for ntp-default flow type, supports a flow rate higher than 100 pps on Cisco ASR 9000 Series Router.

Based on the number of NTP client scale requirement, you can increase the flow rate value to allow higher packets per second (PPS). For example,

lpts pifib hardware police location 0/0/CPU0
 flow ntp default rate 1000
 flow ntp known rate 1000

Step 4

commit

Step 5

show lpts pifib hardware police [location {all | node_id}]

Example:


RP/0/RSP0/CPU0:router# show lpts pifib hardware police location 0/2/cpu0

Displays the policer configuration value set.

(Optional) Use the location keyword to display pre-Internal Forwarding Information Base (IFIB) information for the designated node. The node-id argument is entered in the rack/slot/module notation.
Use the all keyword to specify all locations.

Configuring LPTS Policer with IP TOS Precedence

This task allows you to configure the LPTS policers with IP table of service (TOS) precedence:

SUMMARY STEPS

configure
lpts pifib hardware police [location node-id]
flow flow_type
precedence {number | name}
commit
show lpts pifib hardware police [location {all | node_id}]

DETAILED STEPS

	Command or Action	Purpose
Step 1	configure
Step 2	lpts pifib hardware police [location `node-id`] Example: `RP/0/RSP0/CPU0:router(config)# lpts pifib hardware police location 0/2/CPU0 or` `RP/0/RSP0/CPU0:router(config)# lpts pifib hardware police`	Configures the ingress policers. You can configure per node or all locations. The example shows configuration of pifib policer on an individual node and globally for all nodes respectively.
Step 3	flow `flow_type` Example: `RP/0/RSP0/CPU0:router(config-pifib-policer-per-node)# flow telnet default or` `RP/0/RSP0/CPU0:router(config-pifib-policer-global)# flow telnet default`	Configures the policer for the LPTS flow type. The example shows how to configure the policer for the telnet flow type per node or global mode (all locations). Use the `flow_type` argument to select the applicable flow type. For information about the flow types, see IP Addresses and Services Command Reference for Cisco ASR 9000 Series Routers.
Step 4	precedence {`number` \| `name`} Example: `RP/0/RSP0/CPU0:router(config-pifib-policer-per-node)# precedence 5 6 7 or` `RP/0/RSP0/CPU0:router(config-pifib-policer-global)# precedence 5 6 7`	Configures IP TOS precedence against a flow type. You can specify either a precedence number or name. For more information about precedence , use the question mark (?) online help function. The example shows how to configure IP TOS precedence 5, 6, and 7 per node or global mode.
Step 5	commit
Step 6	show lpts pifib hardware police [location {all \| `node_id`}] Example: `RP/0/RSP0/CPU0:router# show lpts pifib hardware police location 0/2/cpu0`	Displays the policer configuration value set. (Optional) Use the location keyword to display policer value for the designated node. The `node-id` argument is entered in the rack/slot/module notation. Use the all keyword to specify all locations.

Mapping the LPTS Policer with an ACL

This task allows you to map the LPTS policer with an ACL.

Note

LPTS to ACL map supports only the following values:
- Source Destination Address
- Source and destination port
- Protocol number
- Object Groups (both network and port groups)
When multiple ACLs are configured for an LPTS policier, only the first ACL details are displayed in the LPTS statistics command output.

When you are applying an ACL on an LPTS entry, LPTS entry filters and ACL should be defined in the same order. So, if you want to limit incoming traffic from the host 10.10.10.10 to any router ip address you need to define LPTS ACL as permit ip from any to 10.10.10.10.

For example, assume that 10.10.10.10 is the remote address from which traffic should be filtered. The LPTS and ACL should be defined as shown in the following table.


LPTS (local address, port, remote address, port)	ACL
(any,23, 10.10.10.10,65248)	ipv4 access-list lpts 10 permit ipv4 any host 10.10.10.10

You can use the following commands to view the LPTS ACL Policer information:

show lpts pifib hardware entry acl name statistics location
show lpts pifib hardware police location
show lpts pifib hardware entry statistics location

Note

The A9K-20HG-FLEX-SE, A9K-20HG-FLEX-TR, A99-32X100GE-X-SE, A99-32X100GE-X-TR, A9K-8HG-FLEX-SE, and A9K-8HG-FLEX-TR line cards do not include LPTS ACL Policer information in show lpts pifib hardware police location and show lpts pifib hardware entry statistics location commands.

SUMMARY STEPS

configure
lpts pifib hardware police acl acl-name1 rate 100 vrf vrf1
commit

DETAILED STEPS

Command or Action Purpose

Step 1

configure

Step 2

lpts pifib hardware police acl acl-name1 rate 100 vrf vrf1

Example:


RP/0/RSP0/CPU0:router(config)# lpts pifib hardware police acl acl-name1 rate 100 vrf vrf1

Maps the LPTS policer with the ACL by name acl-name1.

Step 3

commit

NP Based Policer

Network processor (NP) based policers in LPTS allow rate limit packets based on a specific NP with specific rate.

Benefits of NP based policer

Rate limit incoming packets based on a specific NP with specific rate.
Provides secure network access based on the context of a user or a device.

For example, if a user does not require specific traffic on a particular NP, then the rate limit can be set to 0.
Modify policer rate depending on traffic load.
Full utilization of traffic through each NP depending on traffic.
Stop or block complete traffic based on a specific NP without impacting other NPs with same flow.

Supported Features of NP Based Policer

Supports Cisco ASR 9000 High Density 100GE Ethernet line cards (such as A9K-8x100G-LB-SE and A9K-8x100G-LB-TR) only.
Supports ACL, global, local, NP based and static policers.

For sample configurations, see Configuring ACL, NP, LPTS Local, LPTS Global, and LPTS Static Policers: Example.
Supports existing LPTS and LPTS ACL policer features.
Supports existing scale limits of all protocols.

Configuring NP Based Policer in LPTS

This task allows you to configure NP based policer in LPTS.

SUMMARY STEPS

configure
lpts pifib hardware police [location node-id]np np-number
flow flow_type {default | known} {rate rate}
commit
show lpts pifib hardware entry np np-numberstatistics [location {all | node_id}]

DETAILED STEPS

	Command or Action	Purpose
Step 1	configure
Step 2	lpts pifib hardware police [location `node-id`]np `np-number` Example: `RP/0/RSP0/CPU0:router(config)# lpts pifib hardware police location 0/1/CPU0 np np3 RP/0/RSP0/CPU0:router(config-pifib-policer-per-node)#`	Configures the NP based ingress policers and enters pifib policer per node configuration mode.
Step 3	flow `flow_type` {default \| known} {rate `rate`} Example: `RP/0/RSP0/CPU0:router(config-pifib-policer-per-node)# flow ospf multicast known rate 100`	Configures the NP based policer for the LPTS flow type. The example shows how to configure the policer for the OSPF flow type. Use the `flow_type` argument to select the applicable flow type. Use the rate keyword to specify the rate in packets per seconds (PPS). The range is from 0 to 4294967295.
Step 4	commit
Step 5	show lpts pifib hardware entry np `np-number`statistics [location {all \| `node_id`}] Example: `RP/0/RSP0/CPU0:router# show lpts pifib hardware entry np np3 statistics location 0/1/cpu0`	Displays statistics of NP based policer in LPTS. (Optional) Use the location keyword to display pre-Internal Forwarding Information Base (IFIB) information for the designated node. The `node-id` argument is entered in the rack/slot/module notation. Use the all keyword to specify all locations.

Configuring ACL, NP, LPTS Local, LPTS Global, and LPTS Static Policers: Example

This topic contains sample configurations and output examples of ACL, NP based, LPTS local, LPTS global, and LPTS static policers.

ACL Based Policer

The following is a sample ACL based policer configuration. In this example, the ACL is applied to a BGP session.

RP/0/RSP1/CPU0:router(config)# ipv4 access-list lpts_acl_1
RP/0/RSP1/CPU0:router(config-ipv4-acl)# 10 permit tcp any host 200.0.0.1
RP/0/RSP1/CPU0:router(config-ipv4-acl)# 20 deny ipv4 any any
RP/0/RSP1/CPU0:router(config-ipv4-acl)# commit
RP/0/RSP1/CPU0:router(config-ipv4-acl)# end
RP/0/RSP1/CPU0:router(config)# lpts pifib hardware police acl lpts_acl_1 rate 1000
RP/0/RSP1/CPU0:router(config)# commit

The following is a show command and its sample output for the preceding policer configuration:

RP/0/RSP1/CPU0:router# show lpts pifib hardware entry brief  location 0/1/cpu0

             Node: 0/1/CPU0:
----------------------------------------
L3 - L3 Protocol;L4 - Layer4 Protocol; Intf - Interface;
Dest - Destination Node; V - Virtual;
na - Not Applicable or Not Available;
LU - Local chassis fabric unicast;
LM - Local chassis fabric multicast;
RU - Multi chassis fabric unicast;
RM - Multi chassis fabric multicast;
def - default

Offset L3   VRF id       L4     Intf            Dest       laddr,Port raddr,Port          acl name
------ ---- ------------ ------ --------------- ---------  ----------                     -----------------------------------
8      IPV4 *            any    any             Local      any,any any,any                          
9      CLNS *            -      any             LU(30)     - -                                      
10     IPV4 *            ICMP   any             Local      any,any any,ECHO                         
11     IPV4 *            OSPF   Optimized       LM[6]      224.0.0.5,any any,any                    
12     IPV4 *            OSPF   Optimized       LM[6]      224.0.0.6,any any,any                    
13     IPV4 *            OSPF   Optimized       LM[6]      any,any any,any                          
14     IPV4 default      TCP    any             LU(30)     any,65145 200.0.0.1,179        lpts_acl_1
15     IPV4 default      TCP    any             LU(30)     any,179 200.0.0.1,any          lpts_acl_1
16     IPV4 default      TCP    any             LU(30)     any,23 any,any                           
17     IPV4 default      UDP    any             LU(30)     any,161 any,any                          
18     IPV4 **nVSatellite UDP    any             LU(30)     any,161 any,any                          
19     IPV4 default      UDP    any             LU(30)     any,162 any,any                          
20     IPV4 **nVSatellite UDP    any             LU(30)     any,162 any,any                          
21     IPV4 default      L2TPV3 any             LU(30)     any,any any,any                          
22     IPV4 *            OSPF   any             LM[2]      224.0.0.5,any any,any                    
23     IPV4 *            OSPF   any             LM[2]      224.0.0.6,any any,any                    
24     IPV4 *            TCP    any             LU(30)     any,any any,179                          
25     IPV4 *            UDP    any             LU(30)     any,1701 any,any                         
26     IPV4 *            TCP    any             LU(30)     any,179 any,any                          
27     IPV4 *            ICMP   any             LU(30)     any,any any,ECHOREPLY                    
28     IPV4 *            ICMP   any             Local      any,any any,UNREACH                      
29     IPV4 *            ICMP   any             Local      any,any any,TIMXCEED                     
30     IPV4 *            ICMP   any             Local      any,any any,PARAMPROB                    
31     IPV4 *            ICMP   any             Local      any,any any,SRCQUENCH                    
32     IPV4 *            ICMP   any             Local      any,any any,REDIRECT                     
33     IPV4 *            ICMP   any             Local      any,any any,TSTAMP                       
34     IPV4 *            ICMP   any             Local      any,any any,MASKREQ                      
35     IPV4 *            TCP    any             LU(30)     any,any any,any                          
36     IPV4 *            UDP    any             LU(30)     any,any any,any                          
37     IPV4 *            RSVP   any             Local      any,any any,any                          
38     IPV4 *            OSPF   any             LM[2]      any,any any,any                          
39     IPV4 *            any    any             LU(30)     any,any any,any                          
40     IPV4 *            UDP    any             Local      any,any any,any                          
4      IPV6 *            any    any             Local      any,any any,any                          
5      IPV6 *            ICMP6  any             Local      any,any any,NDRTRSLCT                    
6      IPV6 *            ICMP6  any             Local      any,any any,NDRTRADV                     
7      IPV6 *            ICMP6  any             Local      any,any any,NDNBRSLCT                    
8      IPV6 *            ICMP6  any             Local      any,any any,NDNBRADV                     
9      IPV6 *            ICMP6  any             Local      any,any any,ECHOREQ                      
10     IPV6 default      UDP    any             LU(30)     any,161 any,any                          
11     IPV6 **nVSatellite UDP    any             LU(30)     any,161 any,any                          
12     IPV6 default      UDP    any             LU(30)     any,162 any,any                          
13     IPV6 **nVSatellite UDP    any             LU(30)     any,162 any,any                          
14     IPV6 default      ICMP6  any             LM[6]      any,any any,MLDLQUERY                    
15     IPV6 default      ICMP6  any             LM[6]      any,any any,LSTNRREPORT                  
16     IPV6 default      ICMP6  any             LM[6]      any,any any,MLDLSTNRDN                   
17     IPV6 default      ICMP6  any             LM[6]      any,any any,LSTNRREPORTv2                
18     IPV6 *            OSPF   any             LU(30)     ff02::5,any any,any                      
19     IPV6 *            OSPF   any             LU(30)     ff02::6,any any,any                      
20     IPV6 *            TCP    any             LU(30)     any,any any,179                          
21     IPV6 *            TCP    any             LU(30)     any,179 any,any                          
22     IPV6 *            ICMP6  any             LU(30)     any,any any,ECHOREPLY                    
23     IPV6 *            ICMP6  any             Local      any,any any,UNREACH                      
24     IPV6 *            ICMP6  any             Local      any,any any,PAK2BIG                      
25     IPV6 *            ICMP6  any             Local      any,any any,TIMXCEED                     
26     IPV6 *            ICMP6  any             Local      any,any any,HDRBAD                       
27     IPV6 *            OSPF   any             LU(30)     any,any any,any                          
28     IPV6 *            TCP    any             LU(30)     any,any any,any                          
29     IPV6 *            UDP    any             LU(30)     any,any any,any                          
30     IPV6 *            any    any             LU(30)     any,any any,any

The following is another show command and its sample output:

RP/0/RSP1/CPU0:router# show lpts pifib hardware entry stat location 0/1/cpu0 | i IPV4 default | i TCP

14     IPV4 default      TCP    any             LM[6]      6/0             any,65145 200.0.0.1,179        lpts_acl_1 
15     IPV4 default      TCP    any             LU(30)     0/0             any,179 200.0.0.1,any          lpts_acl_1 
16     IPV4 default      TCP    any             LU(30)     0/0             any,23 any,any

NP Based Policer

The following is a sample NP based policer configuration:

RP/0/RSP0/CPU0:vkg1-lpts# lpts pifib hardware police location 0/1/CPU0
np np2 flow bgp known rate 50
np np3 flow ospf multicast known rate 100
!
lpts pifib hardware police
!

The following is a show command and its sample output for the preceding policer configuration:

RP/0/RSP1/CPU0:router# show lpts pifib hardware entry np 3 statistics location 0/1/CPU0 
 
             Node: 0/1/CPU0:
----------------------------------------
L3 - L3 Protocol;L4 - Layer4 Protocol; Intf - Interface;
Dest - Destination Node;
LU - Local chassis fabric unicast;
LM - Local chassis fabric multicast;
RU - Multi chassis fabric unicast;
RM - Multi chassis fabric multicast;
na - Not Applicable or Not Available
 
Offset L3   VRD id       L4     Intf            Dest       Pkts/Drops      laddr,Port raddr,Port          acl name
------ ---- ------------ ------ --------------- ----------- ---------------- ---------------------          -----------------------------------
8      IPV4 *            any    any             Local      0/0             any,any any,any                           
9      CLNS *            -      any             LU(30)     0/0             - -                                       
10     IPV4 *            ICMP   any             Local      0/0             any,any any,ECHO                          
11     IPV4 *            OSPF   Optimized       LU(30)     0/0             224.0.0.5,any any,any                     
12     IPV4 *            OSPF   Optimized       LU(30)     0/0             224.0.0.6,any any,any                     
13     IPV4 *            OSPF   Optimized       LU(30)     0/0             any,any any,any                           
14     IPV4 default      TCP    any             LU(30)     0/0             any,23 any,any                            
15     IPV4 default      L2TPV3 any             LU(30)     0/0             any,any any,any                           
16     IPV4 *            OSPF   any             LU(30)     0/0             224.0.0.5,any any,any                     
17     IPV4 *            OSPF   any             LU(30)     0/0             224.0.0.6,any any,any

The following is another show command and its sample output:

RP/0/RSP1/CPU0:router# show lpts pifib hardware police np np3  location 0/1/CPU0 

Fri Mar 27 09:32:21.500 UTC
-------------------------------------------------------------
                Node 0/1/CPU0:
-------------------------------------------------------------
Burst = 100ms for all flow types 
-------------------------------------------------------------
FlowType               Policer Type    Cur. Rate  Def. Rate  Accepted             Dropped              TOS Value 
---------------------- ------- ------- ---------- ---------- -------------------- -------------------- ----------
unconfigured-default   100     Static  2500       2500       0                    0                    01234567            
L2TPv2-fragment        185     Static  10000      10000      0                    0                    01234567            
Fragment               101     Static  2500       2500       0                    0                    01234567            
OSPF-mc-known          102     np  100       2000       0                    0                    01234567            
OSPF-mc-default        103     Static  1500       1500       0                    0                    01234567            
OSPF-uc-known          104     Static  2000       2000       0                    0                    01234567            
OSPF-uc-default        105     Static  1000       1000       0                    0                    01234567            
ISIS-known             143     Static  2000       2000       0                    0                    01234567            
ISIS-default           144     Static  1500       1500       0                    0                    01234567            
BFD-known              150     Static  9600       9600       0                    0                    01234567            
BFD-default            160     Static  45340      9600       0                    0                    01234567            
BFD-MP-known           178     Static  11520      11520      0                    0                    01234567            
BFD-MP-0               179     Static  128        128        0                    0                    01234567            
BFD-BLB-known          183     Static  11520      11520      0                    0                    01234567            
BFD-BLB-0              184     Static  128        128        0                    0                    01234567            
BFD-SP-0               182     Static  512        512        0                    0                    01234567

LPTS Policer Applied for LC (Local)

The following is a sample configuration for LPTS policer applied for a line card (local):

RP/0/RP0/CPU0:router# lpts pifib hardware police location 0/7/CPU0
 flow ospf unicast known rate 30
!

The following is a show command and its sample output for the preceding policer configuration:

RP/0/RP0/CPU0:router# show lpts pifib hardware police location 0/7/CPU0 | i OSPF

Fri Aug 21 03:51:36.105 UTC
OSPF-mc-known          102     Static  2000       2000       5095                 0                    01234567
OSPF-mc-default        103     Static  1500       1500       0                    0                    01234567
OSPF-uc-known          104     Local   30         2000       36                   0                    01234567
OSPF-uc-default        105     Static  1000       1000       0                    0                    01234567

LPTS Policer (Global)

The following is a sample configuration for LPTS policer applied globally:

RP/0/RP0/CPU0:router# lpts pifib hardware police location 0/7/CPU0
 flow ospf unicast known rate 30
!
lpts pifib hardware police
 flow ospf multicast known rate 50
!

The following is a show command and its sample output for the preceding policer configuration:

RP/0/RP0/CPU0:router# show lpts pifib hardware police location 0/7/CPU0 | i OSPF

Fri Aug 21 03:54:06.678 UTC
OSPF-mc-known          102     Global  50         2000       5111                 0                    01234567
OSPF-mc-default        103     Static  1500       1500       0                    0                    01234567
OSPF-uc-known          104     Local   30         2000       36                   0                    01234567
OSPF-uc-default        105     Static  1000       1000       0                    0                    01234567

LPTS Static Policer

The following is a sample output for LPTS static policer:

RP/0/RP0/CPU0:router# show lpts pifib hardware police location 0/7/CPU0 | i OSPF

Fri Aug 21 03:54:06.678 UTC
OSPF-mc-known          102     Global  50         2000       5111                 0                    01234567
OSPF-mc-default        103     Static  1500       1500       0                    0                    01234567
OSPF-uc-known          104     Local   30         2000       36                   0                    01234567
OSPF-uc-default        105     Static  1000       1000       0                    0                    01234567

Configuration Examples for Implementing LPTS Policers

This section provides the following configuration example:

Configuring LPTS Policers: Example

The following example shows how to configure LPTS policers:

configure
 lpts pifib hardware police
  flow ospf unicast default rate 200
  flow bgp configured rate 200
  flow bgp default rate 100
 !
 lpts pifib hardware police location 0/2/CPU0
  flow ospf unicast default rate 100
  flow bgp configured rate 300
 !

The following is the show command and the sample output:

show lpts pifib hardware police location 0/2/CPU0

RP/0/RSP1/CPU0:rtr1#
RP/0/RSP1/CPU0:rtr1# show lpts pifib hardware police location 0/2/CPU0
-------------------------------------------------------------
                Node 0/2/CPU0:
-------------------------------------------------------------
Burst = 100ms for all flow types
-------------------------------------------------------------
FlowType                        Policer   Type     Cur. Rate   Def. Rate   Accepted     Dropped       TOS Value
----------------------          -------   -------- ----------  ----------- ----------   --------     ---------------
unconfigured-default               0      Static     2500         2500         0            0           01234567
L2TPv2-fragment                    85     Static     10000        10000        0            0           01234567
Fragment                           1      Static     3000         3000         0            0           01234567
OSPF-mc-known                      2      Static     2000         2000         0            0           01234567
OSPF-mc-default                    3      Static     1500         1500         0            0           01234567
.                                  .         .         .            .          .            .               .
.                                  .         .         .            .          .            .               .
.                                  .         .         .            .          .            .               .
.                                  .         .         .            .          .            .               .
DHCPv4                             92     Static     4000         4000         0            0           01234567
DHCPv6                             93     Static     4000         4000         0            0           01234567
ONEPK                              95     Static     2500         2500         0            0           01234567
TPA                                96     Static     2500         2500         0            0           01234567
IETF-BOB                           97     Static     9600         9600         0            0           01234567
------------------------
statistics:
Packets accepted by deleted entries: 0
Packets dropped by deleted entries: 0
Run out of statistics counter errors: 0
 
RP/0/RSP1/CPU0:rtr1#

Configuring LPTS policers with IP TOS Precedence: Example

The following example shows how to configure IP TOS to telnet default flow and allow packets with precedence 3 or 4 at node 0/0/CPU0:
```
configure
lpts pifib hardware police location 0/0/CPU0 
flow telnet default 
precedence 3 4 
```
The following example shows how to configure IP TOS to telnet known flow to only allow packets with precedence 5 or 6 or 7 at all nodes
```
configure
lpts pifib hardware police 
flow telnet known 
precedence 5 6 7
```
The following example shows how to configure IP TOS to telnet known flow to only allow packets with routine and network precedence at all nodes
```
configure
lpts pifib hardware police 
flow telnet known 
precedence routine network
```

Additional References

The following sections provide references related to implementing LPTS.

Related Topic	Document Title
Cisco IOS XR LPTS commands: complete command syntax, command modes, command history, defaults, usage guidelines, and examples	Cisco LPTS Commands module in the IP Addresses and Services Command Reference for Cisco ASR 9000 Series Routers

Standards


Standards	Title
No new or modified standards are supported by this feature, and support for existing standards has not been modified by this feature.	—

MIBs


MIBs	MIBs Link
—	To locate and download MIBs, use the Cisco MIB Locator found at the following URL and choose a platform under the Cisco Access Products menu: https://mibs.cloudapps.cisco.com/ITDIT/MIBS/servlet/index

RFCs


RFCs	Title
No new or modified RFCs are supported by this feature, and support for existing RFCs has not been modified by this feature.	—

Technical Assistance


Description	Link
The Cisco Technical Support website contains thousands of pages of searchable technical content, including links to products, technologies, solutions, technical tips, and tools. Registered Cisco.com users can log in from this page to access even more content.	http://www.cisco.com/techsupport

Bias-Free Language

Results

Chapter: Implementing LPTS

Implementing LPTS

Feature History for Implementing LPTS

Prerequisites for Implementing LPTS

Information About Implementing LPTS

LPTS Overview

LPTS Policers

IP TOS Precedence

ACL Based Policer

Benefits

Configuring LPTS Policers

SUMMARY STEPS

DETAILED STEPS

Example:

Example:

Example:

Configuring LPTS Policer with IP TOS Precedence

SUMMARY STEPS

DETAILED STEPS

Example:

Example:

Example:

Example:

Mapping the LPTS Policer with an ACL

SUMMARY STEPS

DETAILED STEPS

Example:

NP Based Policer

Configuring NP Based Policer in LPTS

SUMMARY STEPS

DETAILED STEPS

Example:

Example:

Example:

Configuring ACL, NP, LPTS Local, LPTS Global, and LPTS Static Policers: Example

ACL Based Policer

NP Based Policer

LPTS Policer Applied for LC (Local)

LPTS Policer (Global)

LPTS Static Policer

Configuration Examples for Implementing LPTS Policers

Configuring LPTS Policers: Example

Configuring LPTS policers with IP TOS Precedence: Example

Additional References

Related Documents

Standards

MIBs

RFCs

Technical Assistance

Was this Document Helpful?

Contact Cisco