Question
How to configure Interface Policer or Rate-limit traffic on the Versa FlexVNF Interfaces?
Solution
Interface Policer or Rate-limit traffic helps in controlling the amount of traffic hitting the router incoming Interface in any WAN interface or LAN interface.
Policing works only on ingress direction.
- Follow these steps to create a QOS profile on the Versa Director:
- Login to Versa Director.
- Select Appliance Context > Branch > Networking > Class of Service > Qos Profiles, and click +.
- Set Peak Rate (Kbps).
- Select Forwarding Class and Loss Priority as applicable.
- Clock OK.
- Create Qos Policy and Rules:
- Navigate to Appliance Context > Branch > Networking > Class of Service > Qos Policies > Policies >
.
- Provide a name for the policy, and click OK.
- Navigate to Appliance Context > Branch > Networking > Class of Service > Qos Policies > Rules >
.
- Provide a name for the rule.
- Under Source/Destination tab, select only the Source Zone and leave rest of the entries blank.
Here the selected Intf-SD-WAN-Zone binds to only one interface vni-0/0. - Under Enforce tab > Action Setting, select Drop Excess Traffic.
- Select the appropriate Qos Profile, and click OK.
- Navigate to Appliance Context > Branch > Networking > Class of Service > Qos Policies > Policies >
- Run show interfaces statistics vni-0/0 and show orgs org-services Tenant-Org-2 class-of-service qos-policies rules qos-policy-stats CLI commands to verify the applied configuration by checking the interface statistics, and check if the configured Qos Policies and rules count are increasing.
admin@Branch-100-DIA-cli> show interfaces statistics vni-0/0 TENANT HOST RX RX RX RX TX TX TX TX NAME ID VRF INF PACKETS PPS RX BYTES ERRORS BPS PACKETS PPS TX BYTES ERRORS BPS --------------------------------------------------------------------------------------------------------------------------- vni-0/0 2 SD-WAN-Transport-VR eth1 1256438 2 2491501297 0 2912 1073904 2 300661272 1 3112
admin@Branch-100-DIA-cli> show orgs org-services Tenant-Org-2 class-of-service qos-policies rules qos-policy-stats QOS QOS QOS QOS QOS PPS PPS KBPS KBPS QOS DROP DROP FORWARD FORWARD SESSION POLICER POLICER POLICER POLICER RULE HIT PACKET BYTE PACKET BYTE DENY PKTS BYTES PKTS BYTES NAME NAME COUNT COUNT COUNT COUNT COUNT COUNT DROPPED DROPPED DROPPED DROPPED ------------------------------------------------------------------------------------------------------------- Qos-Policies-1 R1 3414 3331 5043134 10 777 0 0 0 3331 5043134
If excess traffic is flowing to the configured interface, then the appropriate packet Drop count starts increasing.
NOTE: The output in Step 3 confirms:
- The traffic is hitting the appropriate interface(created Qos rule).
- Traffic exceeding the configured value is getting dropped.
NOTE:
- The first output shows the amount of live traffic hitting the interface VNI-0/0.
- The second output shows the Qos Policies rule the traffic is hitting, and shows the Drop count for the KBPS policer because the traffic has reached the Peak Rate value in KBPS.