Showing results for 
Search instead for 
Did you mean: 

How to rate limit a 3560 outbound to 5mb?

I've been reading a bunch of different posts on how to rate limit a 3560 inbound and outbound using different QoS methods.  Can anyone narrow it down for me please?  I've read about vlan class maps/policy maps, using the rate limit command on the physical interface, using the srr-queue bandwidth command(it's a gig switch so not sure that would work) and marking all packets and then applying QoS.  I'm just learning QoS so trying to figure all of this out and find the best way to do things.

Also, I was told to do this because it's not advisable to have a connection to your ISP that is not 10mb or 100mb on a switch, since they are not divisible by 10 and it can cause issues?  That make any sense, any standard practice going on here?  Is this a waste of time?




Hi churchillma,

In the Cisco IOS on a Catalyst switch (not on a router), there’s an Interface Mode command called shape round-robin queue bandwidth. More specifically, the command is srr-queue bandwidth.

This command has been around since IOS 12.2(25). For these examples, I’m using a Cisco Catalyst 2960 switch.

Entering the command appended with a question mark will display the command options. Here’s an example:

Switch(config)# interface FastEthernet 0/1
Switch(config-if)# srr-queue bandwidth ?
  limit              Configure bandwidth-limit for this interface
  shape             Configure shaping on transmit queues
  share              Configure shared bandwidth

As you can see, the command options are limit, shape, and share. While we’ll focus on the limit option this time, keep in mind that you can also use the srr-queue bandwidth command to shape and share bandwidth.

For example, let’s say you have a 100-Mb Ethernet port on a Catalyst  switch. You’re selling the bandwidth on the port, and a customer has  bought 10 Mb of bandwidth. Obviously, you want to limit the outbound  bandwidth on the port to 10 Mb instead of the full 100 Mb.

To do so, go to Interface Configuration Mode on the switch port, and apply the srr-queue bandwidth limit command. Here’s an example:

Switch(config)# interface FastEthernet 0/1
Switch(config-if)# srr-queue bandwidth limit 90

The 90 sets the outbound bandwidth limit on the port to 90  percent of the port speed. Since this is a 100-Mb port, this should  limit the outbound traffic from the port to 10 Mb.

Variations on bandwidth limiting

As with just about everything in the Cisco IOS, there are multiple  ways to accomplish the same thing. One way would be to manipulate the  port speed. But if you want to hard-code the port speed on the Ethernet  port to 10 Mb, you could also limit the customer to only 10 Mb of  bandwidth using the speed 10 command. However, you probably won’t get the same level of performance from the 10-Mb Ethernet port.

What if you want a port speed that’s less than 10 Mb? You could limit the port speed to 10 Mb and then use the srr-queue bandwidth limit 90 command to limit the outbound speed of the port to only 1 Mb.

What if you’re working with a Cisco router instead of a switch? Cisco routers don’t support the srr-queue command. While there are several different QoS options that might  accomplish the same thing, a common method that I’ve used is the rate-limit command.

For example, on a Cisco router when in Interface Mode, you could limit outbound bandwidth to 1 Mb using the following command:

Router(config-if)# rate-limit output 10000000 2000 2000 conform-action continue exceed-action drop

What about adding these commands to the switch?

mls qos

int vlan 400

rate-limit input 5242880 5000 5000 conform-action transmit exceed-action drop

rate-limit output 5242880 5000 5000 conform-action transmit exceed-action drop


What is 2000 2000 stands for on this command line?

Router(config-if)# rate-limit output 10000000 2000 2000 conform-action continue exceed-action drop

Im planning to limit the vlan bandwidth on the port which uses 10 vlans..

Please give me an example of command line

Im using CISCO 3560 X-series.

Thanks so much.

Joseph W. Doherty
Hall of Fame Expert


The  Author of this posting offers the information contained within this  posting without consideration and with the reader's understanding that  there's no implied or expressed suitability or fitness for any purpose.  Information provided is for informational purposes only and should not  be construed as rendering professional advice of any kind. Usage of this  posting's information is solely at reader's own risk.

Liability Disclaimer

In  no event shall Author be liable for any damages whatsoever (including,  without limitation, damages for loss of use, data or profit) arising out  of the use or inability to use the posting's information even if Author  has been advised of the possibility of such damage.


For 3560 egress, would recommend either "shaping" the port (1st choice) or SRR shaping a queue or queues (2nd choice).

Regarding running at 10 or 100 Mbps, the advantage of having a link's capacity match the port's physical "speed", you avoid the need to artificially shape or police for the lower capacity.