Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
852
Views
0
Helpful
8
Replies

L2 policing on cat6500 L2 interface

Go to solution
ibrunello
Level 1
Level 1

‎03-20-2009 08:14 AM - edited ‎03-06-2019 04:43 AM

I need to police ingress traffic on a layer2 ("switchport") interface.

Traffic is raw ethernet, so only L2 policying is usable.

Cat6500

Sup 720

Native mode

IOS 12.2(18)SXF13 adv enterprise

Already read config guides, but it takes a while to understand all concepts.

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/qos.html#wp1750716

Any sample config, to make me understand better the concepts?

TIA

Ivan

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
andrew.prince
Level 10
Level 10
In response to ibrunello

‎03-20-2009 09:13 AM

Yep - but I suggest you review the numbers:-

50000000 - 50 megabits per second

1562500 - 1.4 megabits per second

The burst size should be x 2 the CIR - otherwise you will never reach the CIR and you will experiance TCP global synchronization.

HTH>

View solution in original post

0 Helpful
8 Replies 8

Go to solution
andrew.prince
Level 10
Level 10

‎03-20-2009 08:24 AM

From the URL:-

This is the modified IPPHONE-PC policy map, which includes the police command:

policy-map IPPHONE-PC

class CLASSIFY-OTHER

police 50000000 1562500 conform-action set-dscp-transmit default exceed-action drop

These are the police command parameters:

•The 50000000 parameter defines the committed information rate (CIR) for traffic allowed in this traffic class. This example configures the CIR to be 50 Mbps.

•The 1562500 parameter defines the CIR burst size for traffic in this traffic class; this example uses a default maximum burst size. Set the CIR burst size to the maximum TCP window size used on the network.

•The conform action keywords define what the policer does with CLASSIFY-OTHER packets transmitted when the traffic level is below the 50-Mbps rate. In this example, set-dscp-transmit default applies DSCP 0 to those packets.

•The exceed action defines what the policer does with CLASSIFY-OTHER packets transmitted when the traffic level is above the 50 Mbps CIR. In this example, exceed action drop drops those packets.

0 Helpful

Go to solution
ibrunello
Level 1
Level 1
In response to andrew.prince

‎03-20-2009 08:46 AM

The MQC is quite clear, and I used to apply on routed traffic.

My problem is with definition of class-map.

How can I set "match everything" clause?

the outlined class use an acl matching "IP any any", but I'm not sure the traffic is all pure IPv4 (maybe some IPv6, or some pure ether frames).

any hint?

0 Helpful

Go to solution
andrew.prince
Level 10
Level 10
In response to ibrunello

‎03-20-2009 08:51 AM

That is the "class default"

Anything else that has not been defined and does not match a class = class default.

0 Helpful

Go to solution
ibrunello
Level 1
Level 1
In response to andrew.prince

‎03-20-2009 09:08 AM

then, using the standard MQC syntax:

policy-map IPPHONE-PC

class class-default

police 50000000 1562500 conform-action transmit exceed-action drop

and then apply to interface.

right?

0 Helpful

Go to solution
andrew.prince
Level 10
Level 10
In response to ibrunello

‎03-20-2009 09:13 AM

Yep - but I suggest you review the numbers:-

50000000 - 50 megabits per second

1562500 - 1.4 megabits per second

The burst size should be x 2 the CIR - otherwise you will never reach the CIR and you will experiance TCP global synchronization.

HTH>

0 Helpful

Go to solution
ibrunello
Level 1
Level 1
In response to andrew.prince

‎03-20-2009 09:24 AM

ok.

this is a good start.

will play with the aggregate policers at later stage.

Thank you.

Ivan

0 Helpful

Go to solution
andrew.prince
Level 10
Level 10
In response to ibrunello

‎03-20-2009 04:19 PM

np - glad to help

0 Helpful

Go to solution
ibrunello
Level 1
Level 1
In response to andrew.prince

‎03-23-2009 08:50 AM

according to Cisco docs, the second parameter is in bytes, not bits.

as a rule of the thumb, I usually set the burst BYTE value as 1.5 bits value, so I have a quite big burst cache.

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card