Configuring interface rate limiting for the USG2000 or USG5000

60

Configure interface rate limiting for the SRG, USG2000, and USG5000.
Configuration method:
Run qos lr to configure rate limiting for interfaces.

Configuration example:
Limit the rate to 1000 kbit/s for packets forwarded by GE interface 0/0/1 of the USG to the Internet.
Procedure:
1. For the USG series, add interfaces to security zones and configure inter-zone packet filtering to ensure normal network communication. The configuration procedure is not described here. For the USG BSR and HSR series, you do not need to add interfaces to security zones or configure packet filtering.
2. Configure IP addresses for interfaces of the USG. Configure routes to ensure normal network communication. The configuration procedure is not described here.
3. Configure LR on GE interface 0/0/1 of the USG to limit the traffic forwarded by this interface to the Internet.
system-view
[USG] interface GigabitEthernet 0/0/1 //Access the interface.
[USG-GigabitEthernet0/0/1] qos lr cir 1000 cbs 3000 //Limit the interface rate to 1 Mbit/s.
Verification:
In any view of the USG, run display qos lr interface [ interface-type interface-number ] and view interface rate limiting configuration.
[USG] display qos lr interface GigabitEthernet 0/0/1

Other related questions:
Configuring bandwidth limitation for the USG2000 or USG5000
Configure bandwidth limitation for the USG. Bandwidth limitation can be achieved through traffic policing, traffic shaping, and interface rate limiting. Configure traffic policing, traffic shaping, and interface rate limiting to implement traffic control. 1. Configuration procedure: Configure traffic shaping (QoS GTS). Configure traffic policing (QoS CAR). Configure the interface bandwidth (QoS LR). 2. Configuration example: USG_A and USG_B are interconnected through their GE interface 0/0/1 and GE interface 0/0/2. The server and PC1 can access the Internet through either USG_A or USG_B. The server and PC1 are on the same network segment as GE interface 0/0/3 of USG_A. Apply the following traffic control policies for packets received by GE interface 0/0/2 of USG_B from the server and PC1: Limit the rate of packets sent from the server to 54,000 kbit/s. Limit the rate of packets sent from PC1 to 8000 kbit/s, and the rate of burst traffic to 15,000 kbit/s. Apply the following traffic control policies for packets received and sent by GE interface 0/0/2 and GE interface 0/0/1 of USG_B: Limit the rate of packets received by GE interface 0/0/2 of USG_B to 500,000 kbit/s. Limit the rate to 1000 kbit/s for packets forwarded by GE interface 0/0/1 of USG_B to the Internet. Network topology: (Internal server and PC1)---(4)USG_A(1)---(2)USG_B(3)--Internet Server: 1.1.1.1/8 PC1: 1.1.1.2/8 (1) 172.16.1.2 (2) 172.16.1.1 (3) 172.17.1.1/24 (4) 1.1.1.10/8 3. Configuration procedure: Configure traffic policing, traffic shaping, and interface rate limiting as follows: 1. Configure traffic shaping on the outbound interface GE interface 0/0/1 of USG_A to ensure compliance with the traffic rate on GE interface 0/0/2 of USG_B. 2. Configure traffic policing on GE interface 0/0/2 of USG_B to limit the packets sent from the server and PC1. 3. Configure interface rate limiting for GE interface 0/0/1 of USG_B to limit the packets destined for the Internet. 4. Procedure: a. For the USG series, add interfaces to security zones and configure inter-zone packet filtering to ensure normal network communication. The configuration procedure is not described here. For the USG BSR and HSR series, you do not need to add interfaces to security zones or configure packet filtering. b. Configure IP addresses for interfaces. Configure routes to ensure normal network communication. The configuration procedure is not described here. c. Configure traffic shaping on GE interface 0/0/1 of USG_A. Traffic shaping is performed for sent packets that exceed the rate 500,000 kbit/s to reduce the packet loss rate on GE interface 0/0/2 of USG_B. system-view [USG_A] interface GigabitEthernet 0/0/1 [USG_A-GigabitEthernet0/0/1] qos gts any cir 500000 //Traffic shaping [USG_A-GigabitEthernet0/0/1] quit d. Configure traffic policing on GE interface 0/0/2 of USG_B. [USG_B] system-view [USG_B] acl number 2001 [USG_B-acl-basic-2001] rule permit source 1.1.1.1 0.0.0.0 [USG_B-acl-basic-2001] quit [USG_B] acl number 2002 [USG_B-acl-basic-2002] rule permit source 1.1.1.2 0.0.0.0 [USG_B-acl-basic-2002] quit [USG_B] interface GigabitEthernet 0/0/2 //Traffic policing [USG_B-GigabitEthernet0/0/2] qos car inbound acl 2001 cir 54000 cbs 54000 green pass red discard [USG_B-GigabitEthernet0/0/2] qos car inbound acl 2002 cir 8000 cbs 15000 green pass red discard [USG_B-GigabitEthernet0/0/2] quit e. Configure interface rate limiting on GE interface 0/0/1 of USG_B to ensure that the rate for GE interface 0/0/1 to send packets does not exceed 1000 kbit/s. [USG_B] interface GigabitEthernet 0/0/1 //Interface rate limiting [USG_B-GigabitEthernet0/0/1] qos lr cir 1000 cbs 500 [USG_B-GigabitEthernet0/0/1] quit 5. Verification: On the USG, run display qos gts interface [ interface-type interface-number ] to view traffic shaping configuration.

How to delete the rate limiting configuration from an interface
1. Log in to the web system, and choose QoS > Interface Rate Limit to access the parameter configuration page for interface-based rate limiting. On the Interface Rate Limit List toolbar, select the check box of the interface from which the rate limiting configuration is to be deleted, and click Delete. Click OK in the displayed dialog box. The rate limiting configuration is deleted from on the interface. 2. Using commands: You can also run the undo command to delete configurations from the interface to which a traffic policy is applied or the interface with rate limiting configured.

Configuring the interface rate on the USG2130BSR
You can set the device interface rate through the web UI of the USG2130BSR. 1. Choose Network > Interface. 2. Click Edit in the line of the interface to be configured. 3. Select Advanced.

Does an AR support rate limiting on an interface
Both LAN and WAN interfaces support rate limiting. However, rate limiting does not take effect on NAT-enabled WAN interfaces.

How to configure rate limiting on a physical interface
WAN-side physical interfaces support rate limiting. You can limit the rate of outgoing packets on a WAN-side physical interface by configuring the percentage of the rate of packets against the interface bandwidth. Perform the following configuration: 1. Run the system-view command to enter the system view. 2. (Optional) Run the qos overhead layer { link | physics } command to configure the mode to calculate the packet length during traffic policing or traffic shaping. By default, the system counts the physical-layer and link-layer compensation information in the packet length during traffic policing or traffic shaping. 3. Run the interface interface-type interface-number command to enter the interface view. Run the qos lr pct pct-value [ cbs cbs-value ] command to configure the percentage of traffic rate against the interface bandwidth. By default, the percentage of traffic rate against the interface bandwidth is 100.

If you have more questions, you can seek help from following ways:
To iKnow To Live Chat
Scroll to top