02-23-2007 03:49 PM - edited 03-03-2019 03:54 PM
I have a 3750 switch, with 150MB internet coming into g1/0/1...i have 15 ports g1/0/2-15 that go out to customers, i want to put a policier on the ports to hold them at 10MB, my question is should i do a service-policy input or output here?
i want to limit them to 10MB download...would that be input since its coming IN from the internet, or is Input in from the switch port??
TIA
02-26-2007 06:08 PM
Oh yes, the ACL is the other way round. I was copying my config for upload :)
Revised example;
Customer1 Network = 192.168.1.0/24
Customer2 Network = 192.168.2.0/24
.
.
.
Customer14 Network = 192.168.14.0/24
!
mls qos
mls qos aggregate-policer DL_10.0M 10000000 64000 exceed-action drop
!
class-map match-all Customer1
match access-group 2101
class-map match-all Customer2
match access-group 2102
.
.
.
class-map match-all Customer14
match access-group 2114
!
policy-map DOWNLOAD
class Customer1
police aggregate DL_10.0M
class Customer2
police aggregate DL_10.0M
.
.
.
class Customer14
police aggregate DL_10.0M
!
interface gigabitethernet1/0/1
service-policy input DOWNLOAD
!
access-list 2101 remark Customer1
access-list 2101 permit ip any 192.168.1.0 0.0.0.255
access-list 2102 remark Customer2
access-list 2102 permit ip any 192.168.2.0 0.0.0.255
.
.
.
access-list 2114 remark Customer14
access-list 2114 permit ip any 192.168.14.0 0.0.0.255
NOTE: All subnet/networks should be in policy.
02-26-2007 05:16 PM
So i tried this in my lab...i did the following:
mls qos
mls qos aggregate-policer DL_10.0M 10000000 64000 exceed-action drop
class-map match-all Customer1
match access-group 2101
access-list 2101 remark Customer1
access-list 2101 permit ip any 192.168.13.0 0.0.0.255
policy-map DOWNLOAD
class Customer1
police aggregate DL_10.0M
int f0/23
service-policy input DOWNLOAD
then i tried to do a windows file transfer from a file server on a different subnet to simulate a large download...i was trying to download a 60MB ISO...the windows transfer wouldnt even start, it just hung...i deapplied the policy an it worked...
Any one have any ideas here??? TIA
02-26-2007 06:01 PM
You put 192.168.13.0/24 in the policy and you test another subnet to download? Do you have other policy in the switch, please remove them for the test.
Take note that 192.168.13.0/24 should be in the switch port other than f0/23. The other subnet should be in f0/23. For this test, you should not have any other Qos policy and you should have only two networks 192.168.13.0/24 and the other network which is connected to fa0/23 where you put the "service-policy input DOWNLOAD"
02-26-2007 07:09 PM
there are no QoS policies on my box other then what i have posted...f0/23 is a trunk from my dist switch to my core, the 192.168.13.0 subnet is on the dist switch, the 192.168.1.0 subnet (the "other" subnet) is on the core switch....
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide