05-30-2012 05:06 PM - edited 03-07-2019 06:59 AM
Hi,
Just wondering if anyone may know a way of policing traffic on the Nexus 3k platform? I can't find a reference to say policing/shaping is supported...
Thanks
Sent from Cisco Technical Support iPhone App
05-30-2012 05:37 PM
Hello,
Afaik no. Nexus 3k is considered as Low Latency Queueing switch and shaping and policing triggers the queueing (if we talk about egress one) which does not fit in low latency theory as per developers.
The way to configure QoS is to split traffic into queues and limit bandwidth for those.
E.G.
N3k-1(config)# class-map type qos QUE_class
N3k-1(config-cmap-qos)# match cos 0-7
2) Create a queuing policy-map:
N3k-1(config-cmap-qos)# policy-map type queuing QUE_policy
3) Assign a class to this policy map:
N3k-1(config-pmap-que)# class type queuing QUE_class
4) Set bandwidth percentage to 5%, which would be 50Mb on a 1G
interface
N3k-1(config-pmap-c-que)# bandwidth percent 5
5) Set the bandwidth on the class-default to 0%:
N3k-1(config-pmap-que)# class type queuing class-default
N3k-1(config-pmap-c-que)# bandwidth percent 0
6) Apply this policy-map to an interface:
N3k-1(config)# int e1/1
N3k-1(config-if)# service-policy type queuing output QUE_policy
N3k-1(config-if)# service-policy input QUE_policy
Here is what your interface should look like:
N3k-1# show policy-map int e1/1 in
Global statistics status : disabled
Ethernet1/1
Service-policy (qos) input: QUE_policy
policy statistics status: disabled
Class-map (qos): QUE_class (match-all)
Match: cos 0-7
Class-map (qos): class-default (match-any)
Match: any
set qos-group 0
N3k-1# show policy-map int e1/1 out
Global statistics status : disabled
Ethernet1/1
Service-policy (queuing) output: QUE_policy
policy statistics status: disabled
Class-map (queuing): QUE_class (match-any)
bandwidth percent 5
Class-map (queuing): class-default (match-any)
Match: qos-group 0
bandwidth percent 0
Nik
05-30-2012 06:02 PM
Awesome Nik, thanks for the tip. I'll check that out and see how it goes.
05-30-2012 06:22 PM
Hope it will help!
Nik
05-30-2012 10:28 PM
Hi Nik,
What do you think of the config below? Do you think this would work for limiting the traffic to/from a specific network? (It's just an example.)
ip access-list My_ACL
10 permit ip 192.168.1.0/24 any
20 permit ip any 192.168.1.0/24
class-map type qos match-all My_ACL_QoS_Class
match access-group name My_ACL
policy-map type qos QoS_Classify_Policy
class My_ACL_QoS_Class
set qos-group 1
class-map type queueing My_Q_QoS_Class
match qos-group 1
policy-map type queueing My_Q_QoS_Policy
class type queueing My_Q_QoS_Class
bandwidth percent 10
class type network-qos class-default
bandwidth percent 10
int eth1/1
service-policy type queuing output My_Q_QoS_Policy
service-policy input My_Q_QoS_Policy
05-30-2012 10:38 PM
That should work. Though policy QoS_Classify_Policy should be applied to interface to do inital marking or you just avoid using it and match ACL in class My_Q_QoS_Class instead of qos-group.
Nik
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide