cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
1053
Views
0
Helpful
2
Replies

Vlan QOS

networkinggeek
Level 1
Level 1

I want to understand when do we apply qos over vlan vs on interface. And what advantage it brings to traffic flow? 

Would the policy below drop all traffic above 1gig? What purpose bc and be have in policies? Thanks

 

policy-map type qos xyz

      police cir 1000000 kbps bc 200 ms conform transmit violate drop

 

vlan configuration abc

  service-policy type qos output xyz

2 Replies 2

Hello,

 

you apply a service policy to a Vlan (SVI) interface when you require Vlan based QoS. Look at the below:

 

interface FastEthernet0/1

switchport mode access

srtwitchport access vlan 20

spanning-tree portfast

mls qos vlan-based

!

interface Vlan 20

ip address 192.168.20.1 255.255.255.0

service-policy input VLAN_20_QOS

 

This configuration would apply the service policy specified under the SVI to all (access and/or trunk) ports that are part of Vlan 20. You need a layer 3 interface (the SVI) in this case to apply the service policy.

 

A 'regular' layer 3 interface on e.g. can be configured likewise, but you need nothing else on any other port for the service policy to work.

 

As for 'policing', it simply drops traffic whenever the configured limit is reached. Because of that behavior, it is usually recommended to use shaping instead of policing, as shaping works with buffers and sends traffic at a more even rate. 

Joseph W. Doherty
Hall of Fame
Hall of Fame

It's not so much VLAN QoS brings advantage to traffic flows, except in one case I'll touch upon shortly, it can ease configuration maintenance.

Consider you have functional purpose VLANs, and each VLAN has different QoS policy needs.  If you apply the policy to the interface, and then need to change the port's VLAN, you need to also change the QoS policy.  If, however, the policy is tied to the VLAN, just changing the interface's VLAN can change the QoS policy too.

As to the case where it can impact traffic flows, on the 6500 with sup720s, they only support a fixed number of interface with a policy tied to it.  Using VLAN policies avoids this limitation.

"Would the policy below drop all traffic above 1gig?"

Yes and no, depends how the traffic is exceeding 1 gig.  Which leads to your second question.

"What purpose bc and be have in policies?"

Interfaces always transmit at physical port speed.  So, if we want to police (or shape) slower, we need to "measure" traffic volume only during some time period to see whether the traffic rate meets or not the desired effective transfer rate.  The Bc and Be provide the measurement intervals in bit volume.

For example, if we wanted 1 gig limit on a 10g port, that means we only want to "average" 1 gig transfer rate over some time period.  Notice the "200 ms" in the police statement.  I.e. during every 200ms we'll allow what a 1 gig port would transmit during the same time.

BTW, since port rates might vary, the time period is converted to a bit volume, such as Bc or Be.

Review Cisco Networking for a $25 gift card