speed-limit

Function

The speed-limit command sets the speed limit for encrypted traffic in an IPSec tunnel.

The undo speed-limit command restores the default setting.

By default, the speed limit for encrypted traffic in an IPSec tunnel is not set.

This command is supported only on the NetEngine 8000 F1A.

Format

speed-limit { inbound inspeedlimit | outbound outspeedlimit } [ ike ] [ payload ]

undo speed-limit { inbound | outbound }

Parameters

Parameter Description Value
inbound inspeedlimit

Indicates the speed limit of inbound direction.

It is an integer that ranges from 8 to 4194303, in kilobytes.
outbound outspeedlimit

Indicates the speed limit of outbound direction.

It is an integer that ranges from 8 to 4194303, in kilobytes.
ike

Indicates IKE rate limiting.

-
payload

Indicates the payload. After this parameter is specified, rate limit applies only to IP packets but not to the IPsec header or GRE header in the packets.

-

Views

IPsec profile view, ISAKMP IPsec policy view, IPsec policy template view

Default Level

2: Configuration level

Task Name and Operations

Task Name Operations
ike write

Usage Guidelines

Usage Scenario

When multiple tunnels are established on device, traffic conflicts occur when the data flow is heavy. By configuring the speed-limit command, you can limit packet traffic over each IPsec tunnel. The excessive traffic is discarded and hence traffic over each tunnel is transmitted.

Precautions

In VS mode, this command is supported only by the admin VS.

Example

# Set the speed limit for the inbound encrypted traffic of the IPsec policy policy1 to 500 Kbyte/s.
<HUAWEI> system-view
[~HUAWEI] ipsec policy policy1 1 isakmp
[*HUAWEI-ipsec-policy-isakmp-policy1-1] speed-limit inbound 500
Parent Topic: IPSec Configuration Commands
Copyright © Huawei Technologies Co., Ltd.
Copyright © Huawei Technologies Co., Ltd.
< Previous topic Next topic >