Support for IPv6 egress rate limiting is available for SLX 9740/Extreme 8820 devices on the ethernet, and port-channels and VE interfaces. Support for ingress rate limiting is also available for VE interfaces. Filtering can be done on Source IP, Destination IP, and L4 Destination Port.
Before you begin, perform the following tasks:
Create a Policy map with the appropriate Class Map and Police configurations.
Enable IPv6 Optimised profile. Will not work with Default profile.
Note
IPv6 egress rate limiting is only supported on SLX 9740/Extreme 8820 devices.The following example summarizes the configuration of IPv6 rate limiting on an ethernet interface for egress traffic.
SLX(config)# ipv6 access-list extended ipv6acl SLX(conf-ipacl-ext)# seq 100 permit ipv6 4001::/64 any SLX(conf-ipacl-ext)# exit SLX(config)# class class-map_1 SLX(config-classmap)# match access-group ipv6acl SLX(config-classmap)# exit SLX(config)# policy-map policy-map_1 SLX(config-policymap)# class class-map_1 SLX(config-policymap-class)# police cir 300000 eir 300000000 SLX(config-policymap-class)# exit SLX(config-policymap)# exit SLX(config)# int eth 0/1 SLX(conf-if-eth-0/1)# service-policy out policy-map_1 SLX(conf-if-eth-0/1)# exit SLX(config)#
The following example summarizes the configuration of IPv6 rate limiting on a port-channel for egress traffic. For the configuration of the policy-map refer to the previous section.
SLX (config)# interface port-channel 10 SLX (config-port-channel-10)# service-policy out policy-map_1
This example summarizes the configuration of IPv6 rate limiting on a VE interface for ingress traffic.
SLX (config)# interface ve 100 SLX (config-ve-100)# service-policy in policy-map_1
This example summarizes the configuration of IPv6 rate limiting on a VE interface for egress traffic.
SLX (config)# interface ve 100 SLX (config-ve-100)# service-policy out policy-map_1