Configuring the Rate Limit for Broadcast and Multicast Packets of APs

Context

A large number of packets on a device occupy many network resources, affecting network services. To ensure normal running of network services, you can limit the rate of packets of some protocols (such as DHCP and ARP) on APs with a proper range.

The following table lists the method for limiting the rate of packets.

**Table 1** Method for limiting the rate of packets
Granularity	Description	Configuration
AP-based	Limit the rate of downlink traffic on the AP's wired interface and CAPWAP tunnel. NOTE: The rate of only broadcast and multicast packets is limited, and that of unicast packets is not limited.	Configuring the Rate Limit for Broadcast and Multicast Packets of APs NOTE: The AD9431DN-24X does not support this function.
STA-based	Limit the rate of uplink traffic on the air interface from STAs. NOTE: The rate of unicast, multicast, and broadcast packets can be limited.	Configuring Flood Attack Prevention

Procedure

Run system-view
The system view is displayed.
Run wlan
The WLAN view is displayed.
Run ap-system-profile name profile-name
An AP system profile is created, and the AP system profile view is displayed.

By default, the system provides the AP system profile default.
Run undo traffic-optimize broadcast-suppression { all | arp | igmp | nd | dhcp | dhcpv6 | mdns | other-broadcast | other-multicast } disable
Rate limit for broadcast and multicast packets is enabled.

By default, rate limit for broadcast and multicast packets is enabled on an AP.
(Optional) Run traffic-optimize broadcast-suppression { arp | igmp | nd | dhcp | dhcpv6 | mdns | other-broadcast | other-multicast } rate-threshold threshold-value
The rate threshold is configured for broadcast and multicast packets on an AP.

By default, the rate threshold for other-broadcast and other-multicast is 16 pps, and that for other parameters is 256 pps.

After you run the traffic-optimize broadcast-suppression rate-threshold command to configure a rate threshold for broadcast and multicast packets on an AP, the configured threshold will override the default rate threshold. The actual rate of broadcast and multicast packets will not exceed the configured rate threshold. If a large rate threshold is set, the expected network protection effect is not achieved. If a small rate threshold is set, broadcast and multicast packets may be lost. In most cases, use the default rate threshold unless otherwise specified.
Run quit
Return to the WLAN view.
Bind an AP system profile to an AP group or AP.
- Binding an AP system profile to an AP group.
  1. Run the ap-group name group-name command to enter the AP group view.
  2. Run the ap-system-profile profile-name command to bind the AP system profile to the AP group.
    
    By default, the AP system profile default is bound to an AP group.
- Binding an AP system profile to an AP.
  1. Run the ap-id ap-id, ap-mac ap-mac, or ap-name ap-name command to enter the AP view.
  2. Run the ap-system-profile profile-name command to bind the AP system profile to the AP.
    
    By default, no AP system profile is bound to an AP.