08-09-2009 06:12 PM - edited 03-06-2019 07:10 AM
I have two switches and they both have the same thing.
I have a layer3 uplink:
interface GigabitEthernet0/1
description to core1 gi3/1
no switchport
dampening
ip address x.93.153.102 255.255.255.252
ip ospf cost 1
load-interval 30
then an interface where two customers are connected in thrunk to access switch behind:
interface GigabitEthernet0/5
description to 2960 marconi gi0/1
switchport trunk encapsulation dot1q
switchport trunk allowed vlan 15,16
switchport mode trunk
load-interval 30
spanning-tree portfast
and customers' vlans:
interface Vlan15
description ABA
ip address x.93.153.193 255.255.255.248
ip ospf cost 1
interface Vlan16
description InCell
ip address x.93.153.217 255.255.255.252
ip ospf cost 1
load-interval 30
So, we have only 2 networks connected to Gi0/5.
Now I show the problem place:
public1#sh int vl15 | i rate
Queueing strategy: fifo
5 minute input rate 5000 bits/sec, 10 packets/sec
5 minute output rate 5000 bits/sec, 9 packets/sec
public1#sh int vl16 | i rate
Queueing strategy: fifo
30 second input rate 4000 bits/sec, 9 packets/sec
30 second output rate 5000 bits/sec, 9 packets/sec
public1#sh int gi0/5 | i rate
Queueing strategy: fifo
30 second input rate 368000 bits/sec, 156 packets/sec
30 second output rate 653000 bits/sec, 128 packets/sec
Traffic is in place, customers do not complain, but vlans carry nothing.
The same time i send huge icmp traffic to customer from 3560 directly and traffic gets visible. After ICMP is over, everything starts over.
public1#ping x.93.153.218 size 3000 rep 100
Type escape sequence to abort.
Sending 100, 3000-byte ICMP Echos to x.93.153.218, timeout is 2 seconds:
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!
Success rate is 100 percent (100/100), round-trip min/avg/max = 25/30/67 ms
public1#sh int vl16 | i rate
Queueing strategy: fifo
30 second input rate 73000 bits/sec, 18 packets/sec
30 second output rate 74000 bits/sec, 17 packets/sec
Question. Why?
Since i see no traffic on int vlan, i can't make rate-limiting on it...
08-09-2009 07:22 PM
Layer3 switching is done in hardware and software counters will not reflect the rate in|out of the Vlan.
__
Edison.
08-09-2009 07:25 PM
Any workaround?
08-10-2009 05:21 AM
If your goal is to police at the SVI level, then I recommend reading this URL
A software counter isn't needed for policing traffic.
__
Edison.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide