CAR functions of Huawei Routers

The CAR function of Huawei router refers to the guaranteed access rate. The inbound and outbound traffic rates of a port or sub-port are classified according to a standard ceiling, different QoS priorities can only be assigned to IP packets, but not to non-IP traffic.
1. to control traffic, we need to first identify data packets and then control the traffic. We need to control the data packet type, the bandwidth usage of the throttling using the tokenbucket algorithm traffic flow. When each inbound frame arrives, the length is added to the tokenbucket, and the value of CIR or the average throttling rate is subtracted from the tokenbucket every 0.25 milliseconds. Www.2cto.com 2. The traffic rate limit is allowed to suddenly exceed the average rate. The quality between the tokenbucket increase to the burst value (in bytes) level is a valid burst, which is also called in-profiletraffic. When the tokenbucket size exceeds the burst value, the throttling determines that the traffic is too large. When the traffic exceeds the maximum burst value to reach PIR, the throttling determines that the traffic is in violation. This type of traffic is also called out-of-profiletraffic. 3. We usually configure the CAR on the edge router of the network. The configuration of CAR mainly includes the following parts: 1. Determine the traffic type, that is, the traffic we need to monitor, mainly through the following methods: (1) Based on the IP prefix, this method is defined by rate-limitaccesslist. (2) QoS-based grouping. (3) Based on the MAC address. (4) IPaccesslist based on standard or extended. 2. Configure rate-limit: interfaceXrate-limit {inputoutput} [access-groupnumber] bpsburst-normalburst-maxconform-actionactionexceed-actionaction on the corresponding port. (1) Interface: the port you want to control the traffic. It can be an Ethernet port or a serial port, but different types of interfaces are selected on the input and output ports below. (2) Inputoutput: Determine the traffic to be restricted. If the Ethernet port is configured, the traffic is output. If the port is configured on serial, the traffic is input. (3) conform-action: processing policy for traffic below the rate limit, exceed-action: processing policy for traffic exceeding the rate limit. 4. Besides limiting the traffic rate, CAR can also be used to defend against DoS attacks. For example, Smurf attacks flood the network with a large number of ICMP attacks with illegal source addresses, occupying network resources. We can set the speed limit for ICMP packets on the router by configuring the CAR to protect the network. After the above settings, we can limit the forwarding rate and size of ICMP packets to a certain extent to reduce the damage to the network and host. The CAR speed limit policy can only be effectively used in this way, take corresponding preventive measures for different types of attacks.