4-5the required number of tokens are generated in the token bucket. Thus, traffic rate is restricted to therate for generating tokens, thus limiting traffic rate and allowing bursty traffic.Line rate can only limit the total traffic rate on a physical port, while traffic policing can limit the rate of aflow on a port. To limit the rate of all the packets on a port, using line rate is easier.Configuring Traffic PolicingConfiguration ProcedureFollow these steps to configure traffic policing:To do… Use the command… RemarksEnter system view system-view —Create a class and enterclass viewtraffic classifier tcl-name [ operator{ and | or } ] —Configure the matchcriteria if-match match-criteria —Exit class view quit —Create a behavior andenter behavior view traffic behavior behavior-name —Configure a traffic policingactioncar cir committed-information-rate[ cbs committed-burst-size [ ebsexcess-burst-size ] ] [ pirpeak-information-rate ] [ green action ][ red action ] [ yellow action ]RequiredExit behavior view quit —Create a policy and enterpolicy view qos policy policy-name —Associate the class withthe traffic behavior in theQoS policyclassifier tcl-name behaviorbehavior-name —Exit policy view quit —To an interface Applying the QoS policy to an interface —To onlineusersApplying the QoS policy to onlineusers —To a VLAN Applying the QoS policy to a VLAN —Apply theQoSpolicyGlobally Applying the QoS policy globally —Configuration ExampleConfigure traffic policing on GigabitEthernet 1/0/1 to limit the rate of received HTTP traffic to 512 kbpsand drop the exceeding traffic.# Enter system view. system-view# Configure advanced ACL 3000 to match HTTP traffic.[Sysname] acl number 3000