11-05-2002 10:19 AM - edited 03-02-2019 02:39 AM
I'm having trouble with a rate limiting configuration. The pertinent commands from my config are below. This switch is in a metro Ethernet environment. I just need to be able to lock the ports down to a predifined rate regardless if traffic type.
IOS ver 12.1(11)EA1 - SMI code
Thanks,
Patrick Brown
======================================
mls qos
!
class-map match-all alltraffic
match any
!
!
policy-map 256Kbps
class alltraffic
police 256000 8000 exceed-action drop
!
policy-map 1Mbps
class alltraffic
police 1024000 8000 exceed-action drop
!
policy-map 2Mbps
class alltraffic
police 2048000 8000 exceed-action drop
!
interface FastEthernet0/22
switchport access vlan 127
no ip address
service-policy input 256Kbps
service-policy output 256Kbps
!
11-05-2002 11:47 AM
I lab tested using the following configuration (pertinent commands only):
mls qos aggregate-policer ALLTraffic 149600 8000 exceed-action drop
mls qos
class-map match-all Test1
match access-group name RateLimit1
class-map match-all Test2
match access-group name RateLimit2
policy-map Limited
class Test1
police aggregate ALLTraffic
classTest2
police aggregate ALLTraffic
mac access-list extended RateLimit2
permit any any
ip access-list extended RateLimit1
permit ip any any
interface FastEthernet0/22
service-policy input Limited
I think I covered it all. Adapt it to match your needs.
11-05-2002 06:22 PM
Thanks Michael,
The problem I have with matching based on ACLs is that the service policy will only operate ingress, not egress. I need to control upload AND download.
I've been able to get something working by matching IP DSCP 0. The only problem I can think of is if the DSCP value is different. Should I add all 64 values to my class map? There must be a better way?
Thanks again,
Patrick Brown
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide