How do I configure hierarchical policers and filters?
Configuring Traffic and Hierarchical Policers and Filters:
- You must configure the bandwidth limit of the premium policer at or below the bandwidth limit of the aggregate policer. If the two bandwidth limits are equal, then only non-expedited forwarding (EF traffic passes through the interface unrestricted; no EF traffic arrives at the interface. For more information, click Methods for Regulating Traffic by Applying Hierarchical Policers
- When you define an interface-specific filter, you must limit the filter name to no more than 52 bytes. Firewall filter names are restricted to 64 bytes in length, and interface-specific filters have the specific-name appended to them to differentiate their counters and policing actions.
- A non-interface-specific filter can only have a hierarchical policer if no logical interface-specific filter action is specified. For more information, click Hierarchical Policer Applied as Filter Action
- For aggregate policers, the configurable actions for a packet in a nonconforming flow are to discard the packet, change the loss priority, or change the forwarding class.
- The bandwidth limit for the premium policer must not be greater than that of the aggregate policer. For the premium policers, the only configurable action for a packet in a nonconforming traffic flow is to discard the packet. For more information, click Example: Configuring Hierarchical Policers to Limit Rates of Services in a Static Environment