Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
817
Views
0
Helpful
2
Replies

Vlan QOS

networkinggeek
Level 1
Level 1

‎11-04-2020 10:13 PM

I want to understand when do we apply qos over vlan vs on interface. And what advantage it brings to traffic flow? 

Would the policy below drop all traffic above 1gig? What purpose bc and be have in policies? Thanks

 

policy-map type qos xyz

      police cir 1000000 kbps bc 200 ms conform transmit violate drop

 

vlan configuration abc

  service-policy type qos output xyz

0 Helpful
2 Replies 2

Georg Pauwen
VIP
VIP

‎11-05-2020 05:22 AM

Hello,

 

you apply a service policy to a Vlan (SVI) interface when you require Vlan based QoS. Look at the below:

 

interface FastEthernet0/1

switchport mode access

srtwitchport access vlan 20

spanning-tree portfast

mls qos vlan-based

!

interface Vlan 20

ip address 192.168.20.1 255.255.255.0

service-policy input VLAN_20_QOS

 

This configuration would apply the service policy specified under the SVI to all (access and/or trunk) ports that are part of Vlan 20. You need a layer 3 interface (the SVI) in this case to apply the service policy.

 

A 'regular' layer 3 interface on e.g. can be configured likewise, but you need nothing else on any other port for the service policy to work.

 

As for 'policing', it simply drops traffic whenever the configured limit is reached. Because of that behavior, it is usually recommended to use shaping instead of policing, as shaping works with buffers and sends traffic at a more even rate. 

0 Helpful

Joseph W. Doherty
Hall of Fame
Hall of Fame

‎11-05-2020 08:46 AM - edited ‎11-10-2020 08:13 AM

It's not so much VLAN QoS brings advantage to traffic flows, except in one case I'll touch upon shortly, it can ease configuration maintenance.

Consider you have functional purpose VLANs, and each VLAN has different QoS policy needs.  If you apply the policy to the interface, and then need to change the port's VLAN, you need to also change the QoS policy.  If, however, the policy is tied to the VLAN, just changing the interface's VLAN can change the QoS policy too.

As to the case where it can impact traffic flows, on the 6500 with sup720s, they only support a fixed number of interface with a policy tied to it.  Using VLAN policies avoids this limitation.

"Would the policy below drop all traffic above 1gig?"

Yes and no, depends how the traffic is exceeding 1 gig.  Which leads to your second question.

"What purpose bc and be have in policies?"

Interfaces always transmit at physical port speed.  So, if we want to police (or shape) slower, we need to "measure" traffic volume only during some time period to see whether the traffic rate meets or not the desired effective transfer rate.  The Bc and Be provide the measurement intervals in bit volume.

For example, if we wanted 1 gig limit on a 10g port, that means we only want to "average" 1 gig transfer rate over some time period.  Notice the "200 ms" in the police statement.  I.e. during every 200ms we'll allow what a 1 gig port would transmit during the same time.

BTW, since port rates might vary, the time period is converted to a bit volume, such as Bc or Be.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card