配置指定的访问速率和分布式访问速率策略,你可以使用rate-limit 端口配置命令. 移除rate limit配置,在原命令上加上no移除.
指令:
rate-limit {input | output} [access-group [rate-limit] acl-index] bps burst-normal burst-max conform-action conform-action exceed-action exceed-action
no rate-limit {input | output} [access-group [rate-limit] acl-index] bps burst-normal burst-max conform-action conform-action exceed-action conform-action
参数描述: input 在入口上对接受的packets应用一个访问速率策略
output 在出口上对发送的packets应用一个访问速率策略
access-group 可选项,在指定的访问控制列表上应用访问速率策略 --通常在对指定的ip和应用程序限速的情况下使用
rate-limit 可选项,这个是rate-limit访问控制策略
acl-index 可选项,Access list number.
bps 平均速率(bits/每秒),为8kbp的倍数
burst-normal 普通的最大速率,The minimum values is bps divided by 2000.
burst-max 非正常时的最大速率(单位字节)
conform-action 相应的行为动作
1.continue --Evaluates the next rate-limit command.
2.drop 丢弃该包
3.set-dscp-continue -----Sets the differentiated services code point (DSCP) (0 to 63) and evaluate the next rate-limit command.
4.set-dscp-transmit—------Sends the DSCP and transmit the packet.
5.set-mpls-exp-transmit—--Sets the MPLS experimental bits (0 to 7) and sends the packet.
6.set-prec-continue—---Sets the IP precedence (0 to 7) and evaluates the next rate-limit command.
7.set-qos-continue—---Sets the QoS group ID (1 to 99) and evaluates the next rate-limit command.
8.transmit—---Sends the packet.
exceed-action--------Action to take on packets that exceed the specified rate limit. Specify one of the following keywords:
1.continue—--Evaluates the next rate-limit command.
2.drop—--Drops the packet.
3.set-dscp-continue—--Sets the DSCP (0 to 63) and evaluates the next rate-limit command.
4.set-dscp-transmit—--Sends the DSCP and sends the packet.
5.set-mpls-exp-continue—--Sets the MPLS experimental bits (0 to 7) and evaluates the next rate-limit command.
6.set-mpls-exp-transmit—--Sets the MPLS experimental bits (0 to 7) and sends the packet.
7.set-prec-continue—--Sets the IP precedence (0 to 7) and evaluates the next rate-limit command.
8.set-prec-transmit—--Sets the IP precedence (0 to 7) and sends the packet.
9.set-qos-continue—--Sets the QoS group ID (1 to 99) and evaluates the next rate-limit command.
10.set-qos-transmit—--Sets the QoS group ID (1 to 99) and sends the packet.
11.transmit—--Sends the packet.
默认情况下: 访问速率和分布式访问速率策略are disabled.
命令模式:
Interface configuration
Command History
Release Modification
11.1 CC This command was introduced.
12.1(5)T The conform and exceed actions were added for the MPLS experimental field.
Usage Guidelines
使用多个访问速率策略, 在不同的interface下输入
分布式访问速率策略只在 Cisco 7000 series routers with an RSP7000 或者Cisco 7500 series routers with VIP2-40 or greater interface processor下能够使用. A VIP2-50 interface processor is strongly recommended when the aggregate line rate of the port adapters on the VIP is greater than DS3. A VIP2-50 interface processor is required for OC-3 rates.
访问速率和分布式访问速率策略只能对ip传输可用. 访问速率和分布式访问速率策略不支持Fast EtherChannel, tunnel, 或者 PRI interfaces, 也不支持任何不支持Cisco快速转发(CEF)上的接口.
Cisco快速转发必须在配置访问速率和分布式访问速率策略前先enabled.
Examples
In the following example, the rate is limited by application:
All World Wide Web traffic is sent. However, the MPLS experimental field for web traffic that conforms to the first rate policy is set to 5. For nonconforming traffic, the IP precedence is set to 0 (best effort). See the following commands in the example:
rate-limit input rate-limit access-group 101 20000000 24000 32000 conform-action
set-mpls-exp-transmit 5 exceed-action set-mpls-exp-transmit 0
access-list 101 permit tcp any any eq www
FTP traffic is sent with an MPLS experimental field of 5 if it conforms to the second rate policy. If the FTP traffic exceeds the rate policy, it is dropped. See the following commands in the example:
rate-limit input access-group 102 10000000 24000 32000
conform-action set-mpls-exp-transmit 5 exceed-action drop
access-list 102 permit tcp any any eq ftp
Any remaining traffic is limited to 8 Mbps, with a normal burst size of 16,000 bytes and an excess burst size of 24000 bytes. Traffic that conforms is sent with an MPLS experimental field of 5. Traffic that does not conform is dropped. See the following command in the example:
rate-limit input 8000000 16000 24000 conform-action set-mpls-exp-transmit 5
exceed-action drop
Notice that two access lists are created to classify the web and FTP traffic so that they can be handled separately by the CAR feature:
interface Hssi0/0/0
description 45Mbps to R2
rate-limit input rate-limit access-group 101 20000000 24000 32000
conform-action set-mpls-exp-transmit 5 exceed-action set-mpls-exp-transmit 0
rate-limit input access-group 102 10000000 24000 32000
conform-action set-mpls-exp-transmit 5 exceed-action drop
rate-limit input 8000000 16000 24000 conform-action
set-mpls-exp-transmit 5 exceed-action drop
ip address 200.200.14.250 255.255.255.252
!
access-list 101 permit tcp any any eq www
access-list 102 permit tcp any any eq ftp
In the following example, the MPLS experimental field is set and the packet is sent:
interface FastEtheret1/1/0
rate-limit input 8000 1000 1000 access-group conform-action
set mpls-exp-transmit 5 exceed-action set-mpls-exp-transmit 5
相关命令:
access-list --------rate-limit Configures an access list for use with CAR policies.
show access-lists rate-limit--------Displays information about rate-limit access lists.
show interfaces rate-limit--------Displays information about CAR for an interface.
show ip rsvp installed--------- Displays RSVP-related installed filters and corresponding bandwidth information.
rate-limit是QOS(Quality of Service)即服务质量保证实现的主要命令 用法基本用为:
rate-limit input 128000 8000 9000 conform-action transmit exceed-action drop
rate-limit output 128000 8000 9000 conform-action transmit exceed-action drop
对于一条链路,input和output都要设置。 这句话的意思是,限制带宽为128kbps,对于一个连接普通 突发速率8kBytes(即64kbps),最大突发9k(即72kbps) 如在这个范围内,进行的操作是 transmit(传输) 如果超出就是的操作(Exceed-action)是drop(丢弃) 在这里,最主要测参数是 128000,限制带宽,后面2个是限制每个连接的突发带宽,这样保证不会因为一个人ftp而导致整个链路 性能下降很多 在conform-action里,除了transmit以外,还有一个很好的做法,就是set-prec- transmit 5,即
rate-limit input 128000 8000 9000 conform-action set-prec-transmit 5 exceed-action drop
rate-limit output 128000 8000 9000 conform-action set-prec-transmit 5 exceed-action drop
这个的含义是如果普通单连接突发速率在8kbytes(64kbps)以下时,正常传输 如果在 8kbytes(64kbps)和9kbytes(72kbps)之间是,优先级变为5级(中级),如果超出 9kbytes(72kbps)就drop
分享到:
相关推荐
正在安装yarn add axios-rate-limit用法import axios from 'axios' ;import rateLimit from 'axios-rate-limit' ;// sets max 2 requests per 1 second, other will be delayed// note maxRPS is a shorthand for ...
安装$ npm install --save rate-limit-redis用法const RateLimit = require ( "express-rate-limit" ) ;const RedisStore = require ( "rate-limit-redis" ) ;const limiter = new RateLimit ( { store : new ...
hapi-速率限制 主要维护者: 介绍 hapi-rate-limit是一个插件,可以实现速率限制。 采用 const Hapi = require ( 'hapi' ) ; const server = Hapi ....server .... plugin : require ( '... segment : hapi-rate-limit-user
Amp-rate-limit.zip,放大器的速率限制。,amp是php的一个非阻塞并发框架。它提供事件循环、承诺和流,作为异步编程的基础。
快递费限制 Express的基本限速中间件。... 与一起播放时效果很好... 这些其他选项都是出色的软件,可能更适合某些情况:安装$ npm install --save express-rate-limit用法对于应将速率限制器应用于所有请求的纯API服务器:
fastify-rate-limit 您的路线的低开销速率限制器。 支持 Fastify 2.x - 3.x semver 范围。 Fastify 1.x 兼容性请参考及相关版本。 安装 npm i fastify-rate-limit 用法 注册插件,如果需要,传递一些自定义选项。...
Algorithm-rate-limit.zip,(巨蟒),算法是为计算机程序高效、彻底地完成任务而创建的一组详细的准则。
X-Rate-Limit-Limit: 60X-Rate-Limit-Remaining: 25X-Rate-Limit-Reset: 8用 var request = require('request');var Xrate = require('x-rate');var xRate = new Xrate(request, queueDoneCallback);var req = x...
安装安装gem: gem install ' rack-attack-rate-limit ' 在您的gemfile中: gem 'rack-attack-rate-limit' , require : 'rack/attack/rate-limit' 然后执行: bundle用法Rack :: Attack :: RateLimit期望至少定义一...
安装npm install --save simple-rate-limit 配置limit-同时打开请求的最大数量。 达到限制后发送的请求将收到429错误代码。用法var SimpleRateLimiter = require('simple-rate-limit');var limiter = new ...
限速 ... ... 一个关键特性是可以堆叠速率限制:中间件的多个实例可以包装在同一条路由中,... 通过使用wrap-rate-limit或wrap-stacking-rate-limit包装环形请求处理程序来使用中间件。 对于这两个函数,第一个参数是要包装的
:female_sign: GraphQL速率限制 :male_sign: GraphQL速率限制器,用于向查询或突变添加基本的粒度限制。 产品特点 :female_sign: 将速率限制添加到查询或变异 :handshake: 可与任何...yarn add graphql-rate-limi
composer require nikolaposa/rate-limit 用法 终止速率限制器 use RateLimit \ Exception \ LimitExceeded ; use RateLimit \ Rate ; use RateLimit \ RedisRateLimiter ; use Redis ; $ rateLimiter = new Redis...
安装$ npm install --save cov-rate-limit例考阿const Koa = require ( 'koa' )const RateLimit = require ( 'cov-rate-limit' )const app = new Koa ( )const rateLimiter = RateLimit ( { type : 'koa' , max : ...
npm install rate-limit-queue 构造函数选项 选项 描述 max_parallel_tasks 并行运行的排队任务的最大数量 大体时间 下面的时间范围(毫秒) tasks_per_timeframe 在给定时间范围内要运行的最大任务量
yarn add graphql-rate-limit-directive 这个怎么运作 GraphQL速率限制包装了解析程序,确保在调用某个操作之前允许该操作。 每个固定大小的时间窗口最多为客户端分配n操作。 客户端执行n操作后,他们必须等待。 ...
rate limit插件 仅支持Caddy v1,如果您使用的是v2,请尝试 句法 过多的请求将被终止,并显示错误429(请求过多)! 和X-RateLimit-RetryAfter标头将被返回。 对于单个资源: ratelimit methods path rate burst ...
var Limiter = require ( 'express-rate-limiter-redis/limiter' ) , //For easy usage, this redirects to express-rate-limiter (The main module) RedisStore = require ( 'express-rate-limiter-redis'
API限流熔断服务接口限流熔断,基于nodejs,koa2构建。启动脚本# 安装依赖npm install# 本地启动服务npm run start程序目录.├── src # 程序源文件| ├── controllers # 控制层| ├── routes # 路由文件│ └...
安装npm install --save client-rate-limiter 问题大多数http api实施速率限制机制来保护它们免受DoS攻击。 与此类http api交互的客户端应用程序必须考虑这些限制,以确保不会丢失http请求。 即:一个cron应用程序,...