Buy or Renew
Buy or Renew
NOTICE: You can now engage in the community. Learn about the great new Cisco Umbrella content.
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
875
Views
0
Helpful
3
Replies

Policing in QOS

wrobbin
Level 1
Level 1

‎11-19-2010 08:19 AM - edited ‎03-04-2019 10:31 AM

Currently i am having an issue where it seems like my Policing is not working correctly. I am using this on a input policy from My LAN to My WAN. What happens is the servers that match that ACL are only allow a certain about of bandwidth to push out updates to our remote sites but when they do push it bring those remotes site to a crawl. So is the policing total amout per interface or per flow ? ANy aisstance you could provide would be most helpful.

class-map match-all WINUP
match access-group 157

policy-map MARK-APPS
class VOICE-TRAFFIC
  set ip dscp ef
class MISSION-CRITICAL-TRAFFIC
  set ip dscp af31
class CALL-SIGNALING-TRAFFIC
  set ip dscp cs3
class ROUTING-TRAFFIC
  set ip dscp cs6
class TRANSACTIONAL-DATA-TRAFFIC
  set ip dscp af32
class WINUP
   police cir 750000
     conform-action transmit
     exceed-action drop
class BULK-DATA-TRAFFIC
  set ip dscp af21
class NETWORK-MANAGEMENT-TRAFFIC
  set ip dscp af22
class Interactive-Video-Traffic
  set ip dscp af41

sh policy-map MARK-APPS
  Policy Map MARK-APPS
    Class VOICE-TRAFFIC
      set ip dscp ef
    Class MISSION-CRITICAL-TRAFFIC
      set ip dscp af31
    Class CALL-SIGNALING-TRAFFIC
      set ip dscp cs3
    Class ROUTING-TRAFFIC
      set ip dscp cs6
    Class TRANSACTIONAL-DATA-TRAFFIC
      set ip dscp af32
    Class WINUP
     police cir 750000 bc 23437
       conform-action transmit
       exceed-action drop
    Class BULK-DATA-TRAFFIC
      set ip dscp af21
    Class NETWORK-MANAGEMENT-TRAFFIC
      set ip dscp af22
    Class Interactive-Video-Traffic
      set ip dscp af41

interface GigabitEthernet0/2
  ip accounting output-packets
load-interval 30
delay 100000
duplex full
speed 1000
media-type rj45
no negotiation auto
service-policy input MARK-APPS

Labels:
0 Helpful
3 Replies 3

gatlin007
Level 4
Level 4

‎11-19-2010 12:22 PM

In this example it would not police per-flow.  It would police all traffic matching the class WINUP to 750Kbps.  You may want to investigate micro-flow policing on the downstream switch.


This link has some good micro-flow info:


http://www.cisco.com/en/US/products/hw/switches/ps700/products_tech_note09186a00801c8c4b.shtml



Chris

0 Helpful

wrobbin
Level 1
Level 1
In response to gatlin007

‎11-19-2010 01:16 PM

i didnt want to do per flow just wondering why we had a policer on that interface and it doesnt seem to be working right ...casue when those servers start a push they kill some of out remote sites the ACL its maps to is an Extended IP host ACL so it should cover all ports.it is also placed high in the policy

0 Helpful

gatlin007
Level 4
Level 4
In response to wrobbin

‎11-19-2010 01:37 PM

When the problem is occurring try a 'show policy-map interface g0/2'.  This should give you and indication if the traffic in question is being matched by the WINUP class.


Chris

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card