Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
3834
Views
5
Helpful
4
Replies

Per VLAN Rate Limiting on Cisco 3850 Switch

Go to solution
claurie
Level 1
Level 1

‎09-11-2019 07:14 PM

Hi All,

I have a 3850 Switch with several Trunk Ports. Each of these Trunk Ports have several unique VLANs configured. I have a need to rate limit each VLAN individually and independent of the physical Trunk Interface.

 

e.g. Trunk Port ge0/0/1

       VLAN 1007 - to be Limited to 20 Mbps

       VLAN 1008 - to be Limited to 50 Mbps

       VLAN 1009 - to be Limited to 100 Mbps

 

Is this possible? If so, how is it achieved?

Thanks in advance for any and all assistance!

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
paul driver
VIP
VIP
In response to paul driver

‎09-12-2019 02:21 AM - edited ‎09-12-2019 02:23 AM

Hello

Just checked the cisco doc for 3850 vlan qos looks like it per-port-vlan  - here



Examples: Policer VLAN Configuration

The following example displays a VLAN policer configuration. At the end of this configuration, the VLAN policy map is applied to an interface for QoS.

 

conf t
class-map vlan100
match vlan 100

policy-map vlan100
policy-map class vlan100
police 100000 bc conform-action transmit exceed-action drop


interface gigabitEthernet1/0/5  <---physical interfaces not SVI
service-policy input vlan100


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

View solution in original post

4 Replies 4

Go to solution
paul driver
VIP
VIP

‎09-12-2019 01:33 AM - edited ‎09-12-2019 02:04 AM

Hello
The below config is based on 3650 vlan qos has i don't have access to 3850's so it may not be applicable as i am aware the 3750 had some cavets regards policing on svi's

 

conf t
mls qos

class-map Trunk_Interfaces
match input-interface ge0/0/1 ge0/0/x ge0/0/x etc..

policy-map vlan1007
class Trunk_Interfaces
police 20480000 640000 exceed-action drop

policy-map vlan1008
class Trunk_Interfaces
police 51200000 1600000 exceed-action drop

policy-map vlan1009
class Trunk_Interfaces
police 102400000 3200000 exceed-action drop

 

ip access-list extended 110
permit ip any any

class-map IP
match access-group 110


policy-map vlan1007_parent
class IP
service-policy vlan1007

policy-map vlan1008_parent
class IP
service-policy vlan1008

policy-map vlan1009_parent
class IP
service-policy vlan1009

interface Vlan1007
service-policy input vlan1007_parent

interface Vlan1008
service-policy input vlan1008_parent

interface Vlan1009
service-policy input vlan1009_parent

int ge0/0/x (all trunk links with vlan1007-9 traversing them)
mls qos vlan-based


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul
0 Helpful

Go to solution
paul driver
VIP
VIP
In response to paul driver

‎09-12-2019 02:21 AM - edited ‎09-12-2019 02:23 AM

Hello

Just checked the cisco doc for 3850 vlan qos looks like it per-port-vlan  - here



Examples: Policer VLAN Configuration

The following example displays a VLAN policer configuration. At the end of this configuration, the VLAN policy map is applied to an interface for QoS.

 

conf t
class-map vlan100
match vlan 100

policy-map vlan100
policy-map class vlan100
police 100000 bc conform-action transmit exceed-action drop


interface gigabitEthernet1/0/5  <---physical interfaces not SVI
service-policy input vlan100


Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

Go to solution
claurie
Level 1
Level 1
In response to paul driver

‎09-16-2019 08:12 PM

Hi Paul,

Firstly, thanks for the effort you put into finding a solution for my requirements - greatly appreciated.

 

Whilst the solution config is exactly what I am looking for - I have hit a brick wall. Using CLI,

I have successfully completed config steps for the first vlan1001 however, when I go to apply the second vlan1007 service-policy to the interface, the switch advises service-policy vlan1001 is already assigned to the interface.

Is there a step I am overlooking?

 

Thanks

Craig

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to claurie

‎09-17-2019 02:19 AM

Hello,

 

try and consolidate all policers into one policy:

 

class-map VLAN_1007_CLASS
match vlan 1007
class-map VLAN_1008_CLASS
match vlan 1008
class-map VLAN_1009_CLASS
match vlan 1009
policy-map VLAN_POLICY
class VLAN_1007_CLASS
police 20m
conform-action transmit exceed-action drop
class VLAN_1008_CLASS
police 50m
conform-action transmit exceed-action drop
class VLAN_1009_CLASS
police 100m
conform-action transmit exceed-action drop
!
interface GigabitEthernet 1/0/5
service-policy input VLAN_POLICY

 

Also, if possible, try and use shapers instead of policers, as shapers usually smooth out traffic bursts, while policers can abruptly drop excess traffic:

 

class-map VLAN_1007_CLASS
match vlan 1007
class-map VLAN_1008_CLASS
match vlan 1008
class-map VLAN_1009_CLASS
match vlan 1009
policy-map VLAN_POLICY
class VLAN_1007_CLASS
shape average 20000000
class VLAN_1008_CLASS
shape average 50000000
class VLAN_1009_CLASS
shape average 100000000
!
interface GigabitEthernet 1/0/5
service-policy input VLAN_POLICY

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card