ANNOUNCEMENT - The community will be down for maintenace this Thursday August 13 from 12:00 AM PT to 02:00 AM PT. As a precaution save your work.
cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
290
Views
0
Helpful
0
Replies
Highlighted
Beginner
Beginner

Nexus 3064 UDP traffic QoS

Good morning.
I would like to set the QoS on the Nexus 3064.
The command used in the existing IOS or IOS-XE does not work.


Eth1 / 48 is the uplink and 10G SFP + port.


Because of DDOS, I would like to limit the speed only for traffic excluding certain UDP ports.

Can I rate limit only UDP port traffic on the uplink except dns (53) and ldap (389)? (100 Mbps QoS)
In this case, does the uplink affect the incoming TCP, IP traffic?

 

There is no "police bps burst-normal burst-max ~~~~" command.
What type of command should I enter?
I can not understand the command guide.
Thank you for your help.

os version : 6.x

 

https://www.cisco.com/c/en/us/td/docs/switches/datacenter/nexus3000/sw/qos/602_U1_1/b_3k_QoS_Config_602_U11.html

 

Is there a problem when applying the following settings?
my English skill is not good enough.
Thank you for your understanding.

 

ip access-list DDOS_acl
 10 deny udp any eq XX any    
 20 deny udp any any eq XX
 30 deny udp any eq YY any     
 40 deny udp any any eq YY
 50 permit udp any any           
 
class-map type qos match-all DDOS_class_qos
 match access-group name DDOS_acl               
 
policy-map type qos DDOS_policy_qos
 class DDOS_class_qos
  set qos-group 1                     
 
class-map type queuing DDOS_class_que
 match qos-group 1                  
 
policy-map type queuing DDOS_policy_que
 class type queuing DDOS_class_que
 bandwidth percent 1                
 
int eth1/48                          
service-policy type qos input DDOS_policy_qos
service-policy type queuing output DDOS_policy_que
Content for Community-Ad