05-19-2017 06:47 AM - edited 03-05-2019 08:33 AM
Hey Community'
I have configured 2 Policy-Maps (WL-NOC-IN & WL-NOC-OUT) on CISCO 3750G Switch in order restrict customers bandwidth. Recently, i start facing an issue. Issue is that WL-NOC-OUT map is not working properly. For Example, Whenever I gave command "police bandwidth burst rate exceed action drop" it will take the command but didn't take effect as desired. Screen shots are attached. Please review & guide accordingly.
Regards'
Solved! Go to Solution.
05-20-2017 12:27 PM
Hello,
the burst bytes value might be the problem. Try:
class qsa-OUT
 police 10000000 8000 exceed-action drop
 
					
				
		
05-19-2017 10:33 AM
Hello,
the short answer is: egress policing is not supported on the 3750.
What do you want to accomplish with your egress policy ? Can you post the configuration of the switch ?
05-19-2017 11:45 AM
Hi,
Command "police bandwidth burst rate exceed action drop" is not supported on 3750G. You need to set policer parameters like "police 100000000 1000000 exceed-action drop".
05-19-2017 10:52 PM
As it is shown from the attached screen shot. I am doing same exact command "police 1000000 256000 exceed-action drop". I knew that "police bandwidht burst rate exceed-action drop" is not available. I written like just for example.
Regards'
05-20-2017 03:35 AM
Hello,
there is another class with no action, 'sacred-OUT'.
Do access-lists 2048 and 172 exist ?
class-map match-all sacred-OUT
 match access-group 2048
class-map match-all qsa-OUT
 match access-group 172
05-20-2017 03:52 AM
Hi,
access-lists 2048 & 172 does exist. Class sacred-OUT is behaving same as qsa-OUT.
Regards'
05-20-2017 04:06 AM
Hello,
you might be hitting the bug below. Recommended workaround is to use:
"show mls qos interface statistics"
"show policy-map interface" in 2960, 2970, 3560, 3750 should give error
CSCso80701
Description
Symptom:
"show policy-map interface" shows no matches
Conditions:
This command is run on one of the following switches:
2950
2960
2970
3550
3560
3750
Workaround:
This is a hardware limitation and these switches do not support this output.
However, the following show command can be used as a workaround:
"show mls qos interface statistics".
05-20-2017 12:03 PM
gpauwen ,
I have 3750G & both commands are working & showing desired output. i didn't see any error.
Regards'
05-20-2017 12:27 PM
Hello,
the burst bytes value might be the problem. Try:
class qsa-OUT
 police 10000000 8000 exceed-action drop
05-21-2017 04:22 AM
05-23-2017 05:47 AM
Hi azibnaseem,
I see you have called multiple class-maps under policy map WL-NOC-OUT. You need to set something like the following:-
policy-map WL-NOC-OUT
class class-default
no police 115000000 256000 exceed-action drop
class qsa-OUT
10000000 8000 exceed-action drop
 class class-default
 police 100000000 256000 exceed-action drop
05-23-2017 11:01 PM
After applied your suggested setting, class qsa-OUT start taking the values but class-default didn't take any values & also new created classes didn't take any values. screen shot is attached for the review.
Regards'
05-24-2017 12:14 AM
Hello,
try and add 'trust dscp' to your class maps, e.g.:
class qsa-OUT
 trust dscp
 10000000 8000 exceed-action drop
class class-default
 trust dscp
 police 100000000 256000 exceed-action drop
05-24-2017 03:11 AM
Applying suggested commands didn't make any difference. Same issue still persisted.
Regards'
05-24-2017 05:02 AM
Hello,
try the following:
Remove the service policy from the interfaces, e.g.:
interface GigabitEthernet1/0/1
 description "Link to Sialkot-gw on Gi 0/2"
 no switchport
 ip address 172.16.30.102 255.255.255.252
no service-policy input WL-NOC-OUT
Then configure the class, and after that, reattach the service policy to the interface...
 
					
				
				
			
		
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide