12-10-2021 02:09 AM - edited 12-10-2021 02:12 AM
WS-C3650-12X48UR-E
Software Version: 16.9.4
The issue is related to the application of a new policy-map and it not been hit. The switch config is show below:
class-map match-all CTS
match access-group name CTS
class-map match-all PACEY
match access-group name PACEY
policy-map customer_vsx_bandwidth_limit
class CTS
police cir 350000000 bc 175000
conform-action transmit
violate-action drop
class PACEY
police cir 30000000 bc 5625000
conform-action transmit
violate-action drop
class class-default
policy-map customer_allocated_vsx
class class-default
bandwidth percent 100
queue-buffers ratio 100
service-policy customer_vsx_bandwidth_limit
policy-map default_buffer_que
class class-default
bandwidth percent 100
queue-buffers ratio 100
ip access-list extended CTS
permit ip any x.x.x.x x.x.x.x
permit ip x.x.x.x x.x.x.x any
deny ip any any
ip access-list extended PACEY
permit ip any host x.x.x.x
permit ip host x.x.x.x any
deny ip any any
(access list IP details hidden but set up with the correct addresses)
The new config is highlighted in bold.
The below show the PACEY map is not been hit but CTS is
TFM20-DIST-3650-B#show policy-map interface gi1/0/17
GigabitEthernet1/0/17
Service-policy output: customer_allocated_vsx
Class-map: class-default (match-any)
6494049035 packets
Match: any
Queueing
(total drops) 30174599
(bytes output) 4617005411418
bandwidth 100% (1000000 kbps)
queue-buffers ratio 100
Service-policy : customer_vsx_bandwidth_limit
Class-map: CTS (match-all)
6487482186 packets
Match: access-group name CTS
police:
cir 350000000 bps, bc 175000 bytes, be 175000 bytes
conformed 3339873693272 bytes; actions:
transmit
exceeded 102268355219 bytes; actions:
drop
violated 0 bytes; actions:
drop
conformed 39460000 bps, exceeded 509000 bps, violated 0000 bps
Class-map: PACEY (match-all)
0 packets
Match: access-group name PACEY
police:
cir 30000000 bps, bc 5625000 bytes, be 5625000 bytes
conformed 0 bytes; actions:
transmit
exceeded 0 bytes; actions:
drop
violated 0 bytes; actions:
drop
conformed 0000 bps, exceeded 0000 bps, violated 0000 bps
Class-map: class-default (match-any)
6566849 packets
Match: any
Any help would be appreciated
Solved! Go to Solution.
12-17-2021 03:50 AM
I also lab it on a router and it's working but not on a switch. This is an issue with a customer so there must be something they're not doing right or a bug.
I have access to just about every bit of hardware, so I will lab it up on the same switch and software to see if I get the same result
12-10-2021 04:02 AM
Hi,
Did you make sure that the source ip that configured in PACEY ACL actually transmits data through GigabitEthernet1/0/17 in out direction?
i have checked it and i got hits:
Router#show policy-map interface gigabitEthernet 0/2 | b PACEY
Class-map: PACEY (match-all)
1363 packets, 154937 bytes
5 minute offered rate 5000 bps, drop rate 0000 bps
Match: access-group name PACEY
police:
cir 30000000 bps, bc 5625000 bytes, be 5625000 bytes
conformed 1363 packets, 154937 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
drop
violated 0 packets, 0 bytes; actions:
drop
conformed 5000 bps, exceeded 0000 bps, violated 0000 bps
Class-map: class-default (match-any)
3698 packets, 418292 bytes
5 minute offered rate 5000 bps, drop rate 0000 bps
Match: any
12-10-2021 05:23 AM
we have merged these into one policy by creating a single ‘service-policy output customer_allocated_vsx’, in which that policy is a Parent/Child QOS setup?
So we now have policy map ‘customer_allocated_vsx’ as the PARENT which has policy map ‘customer_vsx_bandwidth_limit’ as the CHILD containing the two classes (CTS and PACEY)
policy-map customer_vsx_bandwidth_limit
class CTS
police cir 350000000 bc 175000
conform-action transmit
violate-action drop
class PACEY
police cir 30000000 bc 5625000
conform-action transmit
violate-action drop
class class-default
policy-map customer_allocated_vsx
class class-default
bandwidth percent 100
queue-buffers ratio 100
service-policy customer_vsx_bandwidth_limit
policy-map default_buffer_que
class class-default
bandwidth percent 100
queue-buffers ratio 100
interface GigabitEthernet1/0/17
description XXXXXX ETH3
switchport trunk allowed vlan 513
switchport mode trunk
switchport nonegotiate
load-interval 30
no cdp enable
no snmp trap link-status
spanning-tree portfast trunk
spanning-tree bpduguard enable
service-policy output customer_allocated_vsx
end
Can you please get them to clarify why this Parent/Child relationship is not correct/working and provide a quick example of how it should be created?
12-11-2021 06:18 AM
Yes, it has been tested but now the Policy config has changed and I have updated the post.
12-17-2021 03:50 AM
I also lab it on a router and it's working but not on a switch. This is an issue with a customer so there must be something they're not doing right or a bug.
I have access to just about every bit of hardware, so I will lab it up on the same switch and software to see if I get the same result
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: