VLAN-based rate limiting provides specific bandwidth for the inbound traffic on the VLAN on a physical port, port channel, and system-wide.
Ingress traffic on both tagged and untagged VLAN are rate limited. A packet can be classified for QoS policing by using the VLAN ID match criteria. A class map is configured to match this match criteria before the QoS policing action is taken. Each class map can match on a VLAN ID. Multiple class maps can reside within a policy map. When the system is configured to use VLAN-based rate limiting, the traffic received on this interface is classified, policed, and marked according to the policy map attached to the VLAN to which the packet belongs.
Separate ACLs matching traffic based on VLAN can exist on the device. VLAN-based rate limiting can coexist with existing Layer 2 MAC ACLs.