Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1632
Views
0
Helpful
7
Replies

Cisco 7600, SVI and service-policy output

dmfld2000
Level 1
Level 1

‎04-30-2019 02:48 AM

Hello.

I need to configure output service policy on SVI interface on Cisco7600.

I create config:

policy-map Customer1-OUT 
class Customer1-OUT 
police cir 3145728000 bc 31250000 pir 3145728000 be 31250000 
conform-action transmit 
exceed-action drop 
violate-action drop 
! 
interface Vlan501 
ip address ... 
service-policy output Customer1-OUT
 ! 
interface TenGigabitEthernet1/3
 description
 switchport 
switchport trunk encapsulation dot1q 
switchport trunk allowed vlan 501 
switchport mode trunk

but policy don`t work. Why?

class-map: Customer1-OUT (match-all)
      Match: access-group name Customer1-OUT
      police :
        3145728000 bps 31250000 limit 31250000 extended limit
      Earl in slot 1 :
        214663925855 bytes
        5 minute offered rate 750205904 bps
        aggregate-forwarded 214663925855 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 723111200 bps exceed 0 bps
      Earl in slot 2 :
        239894739668 bytes
        5 minute offered rate 868090112 bps
        aggregate-forwarded 239894739668 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 827445824 bps exceed 0 bps
      Earl in slot 3 :
        108234961755 bytes
        5 minute offered rate 380137264 bps
        aggregate-forwarded 108234961755 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 391241680 bps exceed 0 bps
Labels:
0 Helpful
7 Replies 7

Georg Pauwen
VIP
VIP

‎04-30-2019 05:49 AM

Hello,

 

what does access-group name Customer1-OUT look like ? Which IOS version are you running on the 7600 ?

0 Helpful

dmfld2000
Level 1
Level 1
In response to Georg Pauwen

‎05-06-2019 03:42 AM

Hello.

 

IOS 12.2 (33) SRE10

 

ACL is

10 permit ip any 192.168.0.0 0.0.0.255

20 permit ip any 192.168.5.0 0.0.0.255

30 permit ip any 192.168.6.0 0.0.0.255

 

0 Helpful

Georg Pauwen
VIP
VIP
In response to dmfld2000

‎05-06-2019 03:53 AM

Hello,

 

what is the IP address of Vlan 501 ? And where are the networks specified in the access list, do they traverse the SVI for Vlan 501 ?

0 Helpful

dmfld2000
Level 1
Level 1
In response to Georg Pauwen

‎05-06-2019 08:23 PM

Yes, all traffic for these subnets traverse  SVI Vlan501.

0 Helpful

dmfld2000
Level 1
Level 1
In response to Georg Pauwen

‎05-06-2019 08:25 PM

int vlan501

ip address 192.168.1.1 255.255.255.252

 

!

ip route 192.168.0.0 255.255.255.0 192.168.1.2

ip route 192.168.5.0 .255.255.255.0 192.168.1.2

...

0 Helpful

Sebastian Fernandez
Level 1
Level 1

‎05-06-2019 09:50 PM

Hi @dmfld2000 

 

The police CIR is setup to use 3.14 Gbps. But counters shows that you are not exceeding the traffic rate. Also remember that you have burst bucket also configured giving some cushion there.

 

 

****** Please mark the post as helpful *******

 

Sebastian

0 Helpful

dmfld2000
Level 1
Level 1
In response to Sebastian Fernandez

‎05-07-2019 03:52 AM 

     police :
        3145728000 bps 31250000 limit 31250000 extended limit
      Earl in slot 1 :
        6887104556442 bytes
        5 minute offered rate 718201976 bps
        aggregate-forwarded 6887104556442 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 625692728 bps exceed 0 bps
      Earl in slot 2 :
        7613678695196 bytes
        5 minute offered rate 748981136 bps
        aggregate-forwarded 7613678695196 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 747282640 bps exceed 0 bps
      Earl in slot 3 :
        3764832708775 bytes
        5 minute offered rate 367591472 bps
        aggregate-forwarded 3764832708775 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 361855336 bps exceed 0 bps
      Earl in slot 4 :
        9010875499279 bytes
        5 minute offered rate 826443496 bps
        aggregate-forwarded 9010875499279 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 807892416 bps exceed 0 bps
      Earl in slot 5 :
        353134744 bytes
        5 minute offered rate 112 bps
        aggregate-forwarded 353134744 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 224 bps exceed 0 bps
      Earl in slot 6 :
        2519751428405 bytes
        5 minute offered rate 238697640 bps
        aggregate-forwarded 2519751428405 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 267382440 bps exceed 0 bps
      Earl in slot 7 :
        21226724264 bytes
        5 minute offered rate 3984904 bps
        aggregate-forwarded 21226724264 bytes action: transmit
     exceeded 0 bytes action: drop
        aggregate-forward 3533080 bps exceed 0 bps
      Earl in slot 8 :
        8513823393901 bytes
        5 minute offered rate 923751896 bps
        aggregate-forwarded 8513823393901 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 936583320 bps exceed 0 bps
      Earl in slot 9 :
        2906680203 bytes
        5 minute offered rate 95968 bps
        aggregate-forwarded 2906680203 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 41968 bps exceed 0 bps

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0000 bps, drop rate 0000 bps
      Match: any
0 Helpful
Customers Also Viewed These Support Documents