cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
6662
Views
20
Helpful
23
Replies

Policy-map Issue.

azibnaseem
Level 1
Level 1

Hey Community'

I have configured 2 Policy-Maps (WL-NOC-IN & WL-NOC-OUT) on CISCO 3750G Switch in order restrict customers bandwidth. Recently, i start facing an issue. Issue is that WL-NOC-OUT map is not working properly. For Example, Whenever I gave command "police bandwidth burst rate exceed action drop" it will take the command but didn't take effect as desired. Screen shots are attached. Please review & guide accordingly.

Regards' 

1 Accepted Solution

Accepted Solutions

Hello,

the burst bytes value might be the problem. Try:

class qsa-OUT
 police 10000000 8000 exceed-action drop

View solution in original post

23 Replies 23

Hello,

the short answer is: egress policing is not supported on the 3750.

What do you want to accomplish with your egress policy ? Can you post the configuration of the switch ?

Hi,

Command "police bandwidth burst rate exceed action drop" is not supported on 3750G. You need to set policer parameters like "police 100000000 1000000 exceed-action drop".

Spooster IT Services Team

spoooster  '

As it is shown from the attached screen shot. I am doing same exact command "police 1000000 256000 exceed-action drop". I knew that "police bandwidht burst rate exceed-action drop" is not available. I written like just for example.

Regards'

Hello,

there is another class with no action, 'sacred-OUT'.

Do access-lists 2048 and 172 exist ?

class-map match-all sacred-OUT
 match access-group 2048

class-map match-all qsa-OUT
 match access-group 172

Hi,

access-lists 2048 & 172 does exist. Class sacred-OUT is behaving same as qsa-OUT.

Regards'

Hello,

you might be hitting the bug below. Recommended workaround is to use:

"show mls qos interface statistics"

"show policy-map interface" in 2960, 2970, 3560, 3750 should give error
CSCso80701
Description
Symptom:
"show policy-map interface" shows no matches

Conditions:
This command is run on one of the following switches:
2950
2960
2970
3550
3560
3750

Workaround:
This is a hardware limitation and these switches do not support this output.
However, the following show command can be used as a workaround:
"show mls qos interface statistics".

gpauwen ,

I have 3750G & both commands are working & showing desired output. i didn't see any error.

Regards'

Hello,

the burst bytes value might be the problem. Try:

class qsa-OUT
 police 10000000 8000 exceed-action drop

HI

Setting suggested burst bytes didn't solved the issue. Screen shot is attached.

Regards'

Hi azibnaseem,

I see you have called multiple class-maps under policy map WL-NOC-OUT. You need to set something like the following:-

policy-map WL-NOC-OUT
class class-default
no police 115000000 256000 exceed-action drop
class qsa-OUT
10000000 8000 exceed-action drop
class class-default
police 100000000 256000 exceed-action drop

Spooster IT Services Team

spoooster  '

After applied your suggested setting, class qsa-OUT start taking the values but class-default didn't take any values & also new created classes didn't take any values. screen shot is attached for the review.

Regards'

Hello,
try and add 'trust dscp' to your class maps, e.g.:

class qsa-OUT
 trust dscp
 10000000 8000 exceed-action drop
class class-default
 trust dscp
 police 100000000 256000 exceed-action drop

gpauwen  

Applying suggested commands didn't make any difference. Same issue still persisted.

Regards'

Hello,

try the following:

Remove the service policy from the interfaces, e.g.:

interface GigabitEthernet1/0/1
description "Link to Sialkot-gw on Gi 0/2"
no switchport
ip address 172.16.30.102 255.255.255.252
no service-policy input WL-NOC-OUT

Then configure the class, and after that, reattach the service policy to the interface...