Aggregate policers perform second stage policing (the first stage is controlled by individual policers) allowing policing of multiple flows/categories in aggregate. This allows first stage policers to become oversubscribed while still limiting aggregate incoming traffic from a given traffic category. The aggregate fill rate for an Aggregate policer is equal to the maximum value of the fill rates of referencing policers.

The following table defines the bucket sizes and fill rates (in packets/second) for aggregate policers.

Aggregate Policer Bucket Sizes and Fill Rates

Aggregate Policer Name

Bucket Size

Fill Rate

Comment

routing/billing

50

2,500 (SBC 5000 series)
7,500 (SBC 7000 series)

Referencing ACLs include all defaulted PSX, DNS, NTP and RADIUS-accounting client rules. All clients and only clients are in this aggregate.

SFTP/Platform

50

10,000 (SBC 5000 series)
30,000 (SBC 7000 series)

Referencing ACLs include all defaulted rules for SFTP server (2024), EMA HTTPS server (443), and EMA server via Platform Mode access (444).

ICMP

50

100

Referencing ACLs include all defaulted ICMPv4 and ICMPv6 rules.

IKE

50

750

 

OAM

50

1,000

Referencing ACLs include all defaulted EMA (port 80 and port 443), netconf (port 2022), SNMP (udp port 161), SSH CLI (port 22) server rules.

Operator configured permit rules

50

20,000

Referencing ACLs include all operator created permit rules.

Zone aggregate signaling

Zone CAC settings

Zone CAC settings

 

  • No labels