09-13-2006 03:07 AM
Hello!
I am running a Cisco Catalyst 3750 with IOS c3750-ipbase-mz.122-25.SEB4.bin
Since we've deployed these switched on our Metro Ethernet network, we are now needing the capability to police/rate-limit the client's ports.
I've done examples on Cisco's docs about QoS in 3750 but can't seem to get it right.
I have mls qos enabled
QoS is enabled
QoS ip packet dscp rewrite is enabled
I have placed this configurations to try to limit client traffic
class-map match-all ANY
match access-group 1
!
access-list 1 permit any
!
policy-map POLICE-TO-2MB
class ANY
police 2000000 375000 exceed-action drop
I then apply this to the client interface
interface GigabitEthernet1/0/5
description Link to Customer
switchport access vlan 12
service-policy input POLICE-TO-2MB
end
apparently, the client's input traffic, meaning his upload to me is still exceeding 2Mbits, actually it is still at 95Mbits/sec so I am really confused.
Hope you guys could give me some pointers on how to police all type of traffic on this interface.
Thanks!
09-13-2006 04:26 AM
You can't use input police in normal ports in the 3750.
You need to use de ES ports.
So you can do an VLAN police rate.
09-13-2006 09:09 AM
Hi,
Pardon me, but what do you mean by ES ports? I hope you could point me to a documentation about this or probably a simple example. Thank you.
09-13-2006 09:37 AM
apply the service policy to interface vlan 12, not the layer 2 switchport interface GigabitEthernet1/0/5.
This should work.
also to ratelimit egress traffic use the srr-queue bandwidth shape command. You can't do a service policy output on the 3550/3750. THere is a hardware limitation.
09-14-2006 03:52 AM
An ES port is found on 3750 Metro switches.
If you have the 3750 standard, you will need to aply in the vlan.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide