Showing results for 
Search instead for 
Did you mean: 


3560 Egress policing and classification


I have a customer who requires to identify and police traffic on egress on a 3560 trunk link.  I cannot use ingress classifications because we do not know what route the traffic will take yet.  The egress interface connects to multipoint wireless equipment with 4 different bandwidth point to point links. So the ingress traffic may be routed via any one of 4 point to point wireless links connected to the single egress interface.  Am I correct in assuming we cannot mark on the egress direction then put the traffic in a SRR shaped egress queue based on the marking ?

So we would only have the option to egress queue based on markings applied or trusted on the inbound direction ?

I had thought of some kind of policy map/aggregate policer configuration based on the exit VLAN but it seems we can only apply this type of config inbound.

From reading the 3560 configuration guides it seems the 3560 cannot deploy the kind of requirements this customer needs.  Perhaps they should have deployed some kind of Metro switch ?

Thanks again for any input.


Everyone's tags (4)

3560 Egress policing and classification

For a bit of clarification on what my customer is looking for here maybe this helps

On the Egress of a single Gigabit interface there are multiple point to point VLANs.  These go to a outdoor wireless device that has 2 or 4 point to point wireless links.  So each Wireless link takes some of the point to point VLANs from a single Gig interface and each wireless link can be a different speed.

Can we mark on an egress direction prior to queueing the traffic through one of the 4 egress queues ?  So routing decides that the traffic will go via VLAN 10.  Mark CoS 1 for example.  Traffic going via VLAN 20 mark CoS 2 for example.  Then based on these CoS values place the traffic into one of the 4 egress queues which have shaping applied to limit the bandwidth such that the downstream wireless links do not get overloaded.  Marking on the ingress does not help because we do not know at this point what VLAN, and hence what wireless link, the traffic will exit on.  For the same reason policing on the ingress cannot be used because there is a possibility that the same ingress traffic may go via the fastest Wireless link normally but be routed over the slowest link under a wireless link failure scenario.

Having read all the relevant QoS documentation for the 3560 I cannot imagine a way this can be done. 

Any input would be appreciated even if it is a suggestion we can consider and possibly discount.

Thanks again, Stephen.

CreatePlease to create content
Content for Community-Ad