11-04-2020 10:13 PM
I want to understand when do we apply qos over vlan vs on interface. And what advantage it brings to traffic flow?
Would the policy below drop all traffic above 1gig? What purpose bc and be have in policies? Thanks
policy-map type qos xyz
police cir 1000000 kbps bc 200 ms conform transmit violate drop
vlan configuration abc
service-policy type qos output xyz
11-05-2020 05:22 AM
Hello,
you apply a service policy to a Vlan (SVI) interface when you require Vlan based QoS. Look at the below:
interface FastEthernet0/1
switchport mode access
srtwitchport access vlan 20
spanning-tree portfast
mls qos vlan-based
!
interface Vlan 20
ip address 192.168.20.1 255.255.255.0
service-policy input VLAN_20_QOS
This configuration would apply the service policy specified under the SVI to all (access and/or trunk) ports that are part of Vlan 20. You need a layer 3 interface (the SVI) in this case to apply the service policy.
A 'regular' layer 3 interface on e.g. can be configured likewise, but you need nothing else on any other port for the service policy to work.
As for 'policing', it simply drops traffic whenever the configured limit is reached. Because of that behavior, it is usually recommended to use shaping instead of policing, as shaping works with buffers and sends traffic at a more even rate.
11-05-2020 08:46 AM - edited 11-10-2020 08:13 AM
It's not so much VLAN QoS brings advantage to traffic flows, except in one case I'll touch upon shortly, it can ease configuration maintenance.
Consider you have functional purpose VLANs, and each VLAN has different QoS policy needs. If you apply the policy to the interface, and then need to change the port's VLAN, you need to also change the QoS policy. If, however, the policy is tied to the VLAN, just changing the interface's VLAN can change the QoS policy too.
As to the case where it can impact traffic flows, on the 6500 with sup720s, they only support a fixed number of interface with a policy tied to it. Using VLAN policies avoids this limitation.
"Would the policy below drop all traffic above 1gig?"
Yes and no, depends how the traffic is exceeding 1 gig. Which leads to your second question.
"What purpose bc and be have in policies?"
Interfaces always transmit at physical port speed. So, if we want to police (or shape) slower, we need to "measure" traffic volume only during some time period to see whether the traffic rate meets or not the desired effective transfer rate. The Bc and Be provide the measurement intervals in bit volume.
For example, if we wanted 1 gig limit on a 10g port, that means we only want to "average" 1 gig transfer rate over some time period. Notice the "200 ms" in the police statement. I.e. during every 200ms we'll allow what a 1 gig port would transmit during the same time.
BTW, since port rates might vary, the time period is converted to a bit volume, such as Bc or Be.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide