02-08-2009 06:12 PM - edited 03-06-2019 03:55 AM
I have two 3750's attached together by two single mode fiber links bundled into a etherchannel and I am trying to use QOS to limit the HTTP and HTTPS traffic from 3750B to 3750A to approx 1mb/s. This is what I got so far and I can not get this to work...
I am using this extend access list to match the traffic source and what type.
Extended IP access list WEB_SOURCE
10 permit tcp 10.5.4.0 0.0.0.255 any eq www
20 permit tcp 10.5.4.0 0.0.0.255 any eq 443
30 permit tcp 10.5.5.0 0.0.0.255 any eq www
40 permit tcp 10.5.5.0 0.0.0.255 any eq 443
50 permit tcp 10.5.6.0 0.0.0.255 any eq www
60 permit tcp 10.5.6.0 0.0.0.255 any eq 443
70 permit tcp 10.5.8.0 0.0.0.255 any eq www
80 permit tcp 10.5.8.0 0.0.0.255 any eq 443
I then matched the access-list to this class-map
Class Map match-all WEB
Match access-group name WEB_SOURCE
Then I created the policy map to police the traffic to approx 1mb/s and drop anything over that.
Policy Map WEB_TRAFFIC
Class WEB
police 1000000 8000 exceed-action drop
I then tried to attach this to the port-channel but it would not let me so I attached it to both of the interfaces that are bound together in the etherchannel
interface Port-channel1
description UPLINK TO 3750B
no switchport
ip address 192.168.254.1 255.255.255.252
interface GigabitEthernet1/0/5
description UPLINK TO 3750B
no switchport
no ip address
service-policy input WEB_TRAFFIC
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
queue-set 2
auto qos voip trust
channel-protocol lacp
channel-group 1 mode active
!
interface GigabitEthernet1/0/6
description UPLINK TO 3750B
no switchport
no ip address
service-policy input WEB_TRAFFIC
srr-queue bandwidth share 10 10 60 20
srr-queue bandwidth shape 10 0 0 0
queue-set 2
auto qos voip trust
channel-protocol lacp
channel-group 1 mode active
After testing a computer on 3750B the HTTP and HTTPS traffic is not limited at all. Does anyone have any idea what I am doing wrong??
Model number of this switch is WS-C3750G-12S-E
and IOS is Version 12.2(25)SEE2
Any help would be great!
02-08-2009 06:25 PM
Should this be:
class map match-any WEB
02-09-2009 05:59 AM
Thanks for the input but I have tried that and that did not seem to help any. Any other suggestions?
02-09-2009 07:07 AM
Tried putting the service-policy on the port-channel interface?
Cheers
02-09-2009 07:39 AM
Thanks for the input, I tried to put it on the port-channel and this is the message I get
3750(config-if)#service-policy input WEB_TRAFFIC
QoS: policymap is supported on physical and VLAN interfaces only
Service Policy attachment failed
08-27-2009 11:42 AM
did you resolve this issue i have the same problem, 2 1 gig links and i want to limit replication traffic to 1.5 gig, i am presuming putting this on the physical ports in the channel group is no good as the ports are only 1 gig ?
09-01-2011 12:02 AM
Similar issues here
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide