Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
2788
Views
10
Helpful
3
Replies

Policy-map input on an interface VLAN

andreas-bauer
Level 1
Level 1

‎03-03-2015 12:05 AM - edited ‎03-05-2019 12:55 AM

Hi there,

 

I have a problem with a policy-map on an interface VLAN on my Cisco 6509-E.

The switch has the IOS Version 12.2(33)SXI10, RELEASE SOFTWARE (fc2).

 

I have configured this policy-map:

policy-map PM-10Mbit
  class class-default
   police cir 10000000 bc 1875000 be 3750000    conform-action transmit     exceed-action drop     violate-action drop

 

 I bind this map on a physical interface

interface GigabitEthernet2/2
 description <removed>
 ip vrf forwarding <removed>
 ip address <removed>
 ip access-group <removed> out
 service-policy input PM-10Mbit
 service-policy output PM-10Mbit

and get this result:

show policy-map interface

GigabitEthernet2/2

  Service-policy input: PM-10Mbit

    class-map: class-default (match-any)
      Match: any
      police :
        10000000 bps 1875000 limit 1875000 extended limit
      Earl in slot 5 :
        6428065284 bytes
        5 minute offered rate 14696 bps
        aggregate-forwarded 6294160565 bytes action: transmit
        exceeded 133904719 bytes action: drop
        aggregate-forward 584 bps exceed 0 bps

  Service-policy output: PM-10Mbit

    class-map: class-default (match-any)
      Match: any
      police :
        10000000 bps 1875000 limit 1875000 extended limit
      Earl in slot 4 :
        10335145381 bytes
        5 minute offered rate 21536 bps
        aggregate-forwarded 10142894661 bytes action: transmit
        exceeded 192250720 bytes action: drop
        aggregate-forward 128 bps exceed 0 bps
      Earl in slot 5 :
        263335780 bytes
        5 minute offered rate 176 bps
        aggregate-forwarded 263335780 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 448 bps exceed 0 bps

But when I bind it on an interface VLAN i see no incoming traffic:

show policy-map interface

 Vlan1012

  Service-policy input: PM-100Mbit

    class-map: class-default (match-any)
      Match: any
      police :
        100000000 bps 18750000 limit 18750000 extended limit
      Earl in slot 4 :
        0 bytes
        30 second offered rate 0 bps
        aggregate-forwarded 0 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 0 bps exceed 0 bps
      Earl in slot 5 :
        0 bytes
        30 second offered rate 0 bps
        aggregate-forwarded 0 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 0 bps exceed 0 bps

  Service-policy output: PM-100Mbit

    class-map: class-default (match-any)
      Match: any
      police :
        100000000 bps 18750000 limit 18750000 extended limit
      Earl in slot 4 :
        1005376843668 bytes
        30 second offered rate 33016448 bps
        aggregate-forwarded 1005362388151 bytes action: transmit
        exceeded 14455517 bytes action: drop
        aggregate-forward 30943792 bps exceed 0 bps
      Earl in slot 5 :
        1828318775 bytes
        30 second offered rate 1296 bps
        aggregate-forwarded 1828318775 bytes action: transmit
        exceeded 0 bytes action: drop
        aggregate-forward 1272 bps exceed 0 bps

Is this a bug or am I doing something wrong here?

Labels:
0 Helpful
3 Replies 3

paul driver
VIP
VIP

‎03-03-2015 12:54 AM

Hello

Try applying " mls qos vlan based" command on the physical interfaces of the trunks traversing this vlan.

 

res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

andreas-bauer
Level 1
Level 1
In response to paul driver

‎03-03-2015 02:00 AM

Thank you

 

this seems to fix the problem.

But why? Could you please tell me what the effect of this command is and why was there a problem with the ingoing PM but not with the outgoing?

0 Helpful

paul driver
VIP
VIP
In response to andreas-bauer

‎03-03-2015 02:46 AM

Hello

As I understand it , this is command is required in mls qos because on a SVI ( L3 vlan interface) runs in a vlan-based mode which differs from normal L3 routed interfaces which run in interface mode.

As per cisco ="In VLAN-based mode, the policy map that is attached to the Layer 2 interface is ignored, and QoS is driven by the policy map that is attached to the corresponding VLAN interface."

 

Lastly regards

Try matching on all traffic incoming on the trunk interface on that switch for it to successfully police incoming traffic:

class-map V102
match input-interface x/x

Policy-map POLICE
class V102
Police xxxx xxxx


res

Paul


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card