03-03-2015 12:05 AM - edited 03-05-2019 12:55 AM
Hi there,
I have a problem with a policy-map on an interface VLAN on my Cisco 6509-E.
The switch has the IOS Version 12.2(33)SXI10, RELEASE SOFTWARE (fc2).
I have configured this policy-map:
policy-map PM-10Mbit
class class-default
police cir 10000000 bc 1875000 be 3750000 conform-action transmit exceed-action drop violate-action drop
I bind this map on a physical interface
interface GigabitEthernet2/2
description <removed>
ip vrf forwarding <removed>
ip address <removed>
ip access-group <removed> out
service-policy input PM-10Mbit
service-policy output PM-10Mbit
and get this result:
show policy-map interface
GigabitEthernet2/2
Service-policy input: PM-10Mbit
class-map: class-default (match-any)
Match: any
police :
10000000 bps 1875000 limit 1875000 extended limit
Earl in slot 5 :
6428065284 bytes
5 minute offered rate 14696 bps
aggregate-forwarded 6294160565 bytes action: transmit
exceeded 133904719 bytes action: drop
aggregate-forward 584 bps exceed 0 bps
Service-policy output: PM-10Mbit
class-map: class-default (match-any)
Match: any
police :
10000000 bps 1875000 limit 1875000 extended limit
Earl in slot 4 :
10335145381 bytes
5 minute offered rate 21536 bps
aggregate-forwarded 10142894661 bytes action: transmit
exceeded 192250720 bytes action: drop
aggregate-forward 128 bps exceed 0 bps
Earl in slot 5 :
263335780 bytes
5 minute offered rate 176 bps
aggregate-forwarded 263335780 bytes action: transmit
exceeded 0 bytes action: drop
aggregate-forward 448 bps exceed 0 bps
But when I bind it on an interface VLAN i see no incoming traffic:
show policy-map interface
Vlan1012
Service-policy input: PM-100Mbit
class-map: class-default (match-any)
Match: any
police :
100000000 bps 18750000 limit 18750000 extended limit
Earl in slot 4 :
0 bytes
30 second offered rate 0 bps
aggregate-forwarded 0 bytes action: transmit
exceeded 0 bytes action: drop
aggregate-forward 0 bps exceed 0 bps
Earl in slot 5 :
0 bytes
30 second offered rate 0 bps
aggregate-forwarded 0 bytes action: transmit
exceeded 0 bytes action: drop
aggregate-forward 0 bps exceed 0 bps
Service-policy output: PM-100Mbit
class-map: class-default (match-any)
Match: any
police :
100000000 bps 18750000 limit 18750000 extended limit
Earl in slot 4 :
1005376843668 bytes
30 second offered rate 33016448 bps
aggregate-forwarded 1005362388151 bytes action: transmit
exceeded 14455517 bytes action: drop
aggregate-forward 30943792 bps exceed 0 bps
Earl in slot 5 :
1828318775 bytes
30 second offered rate 1296 bps
aggregate-forwarded 1828318775 bytes action: transmit
exceeded 0 bytes action: drop
aggregate-forward 1272 bps exceed 0 bps
Is this a bug or am I doing something wrong here?
03-03-2015 12:54 AM
Hello
Try applying " mls qos vlan based" command on the physical interfaces of the trunks traversing this vlan.
res
Paul
03-03-2015 02:00 AM
Thank you
this seems to fix the problem.
But why? Could you please tell me what the effect of this command is and why was there a problem with the ingoing PM but not with the outgoing?
03-03-2015 02:46 AM
Hello
As I understand it , this is command is required in mls qos because on a SVI ( L3 vlan interface) runs in a vlan-based mode which differs from normal L3 routed interfaces which run in interface mode.
As per cisco ="In VLAN-based mode, the policy map that is attached to the Layer 2 interface is ignored, and QoS is driven by the policy map that is attached to the corresponding VLAN interface."
Lastly regards
Try matching on all traffic incoming on the trunk interface on that switch for it to successfully police incoming traffic:
class-map V102
match input-interface x/x
Policy-map POLICE
class V102
Police xxxx xxxx
res
Paul
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide