You want to apply the policy-map on a GRE tunnel interface, right?

Document ID: 10106, "Quality of Service Options on GRE Tunnel Interfaces", explaines how to do that:

http://www.cisco.com/en/US/tech/tk543/tk545/technologies_tech_note09186a008017405e.shtml#qosforgretunn

You have to create a nested policy map:

A "parent" map shapes the tunnel interface to give queueing, which is configured in a "child" map, a starting point to recoginze congestion.

Examples can be found in the linked document.

Regards

Rolf

Model and version is 3750x 24 SE 12.2(58) SE 2.

interface Tunnel110

description " /\/\/\/\ XX) /\/\/\/\ "

bandwidth 256

ip address 192.168.1.1 255.255.255.252

ip flow ingress

ip tcp adjust-mss 1370

load-interval 30

keepalive 5 3

tunnel source 10.100.100.1

tunnel destination 10.100.100.2

tunnel key 148

int gi1/0/24

no sw port

ip address 10.100.100.1 255.255.255.252

router ospf 1

network 192.168.1.0 0.0.0.3 area 0

class-map match-all server

match access-group name Web

!

policy-map POLICE

class server

police 8000 8000 exceed-action drop class-map match-all server
match access-group name Web
!
policy-map POLICE
class server
police 8000 8000 exceed-action drop.

I have to restrict bandwidth on 256K..pls advice how can i change configuration according to shaping scenerio as per statement above.

Or I can put the same command on giga interface as well by removing tunnel.

I removed tunnels and revised configuration is given below. Now I have to restrict bandwidth to 256K. Pls advice how to limit bandwidth ?

3750x Switch 1:

interface Vlan1
description """Management Vlan"""
ip address 10.50.50.1 255.255.255.0 secondary
ip address 10.10.50.1 255.255.0.0

interface GigabitEthernet1/0/24

description """Branch Network"""

no switchport

bandwidth 256

ip address 10.100.100.1 255.255.255.252

service-policy input POLICE

end

ip route 10.100.100.0 255.255.255.252 10.100.100.2
ip route 172.16.64.0 255.255.255.0 10.100.100.2

ip access-list extended Web

permit ip any any precedence network

class-map match-all server

  match access-group name Web

!

policy-map POLICE

class server

  police 256000 8000 exceed-action drop

3750x Switch 2:

interface Loopback100
ip address 172.16.64.10 255.255.255.0

interface GigabitEthernet1/0/10
no switchport
bandwidth 256
ip address 10.100.100.2 255.255.255.252

ip route 10.50.50.0 255.255.255.0 10.100.100.1
ip route 10.100.100.0 255.255.255.252 10.100.100.1

My PC:

Connection-specific DNS Suffix  . :

IPv4 Address. . . . . . . . . . . : 10.50.50.103

Subnet Mask . . . . . . . . . . . : 255.255.255.0

Default Gateway . . . . . . . . . : 10.50.50.1

C:\>ping 172.16.64.10

Pinging 172.16.64.10 with 32 bytes of data:
Reply from 172.16.64.10: bytes=32 time<1ms TTL=254
Reply from 172.16.64.10: bytes=32 time<1ms TTL=254

Any one who has idea, so please comment

Qos is not working, pls respond

Also shape command is not supported on interface level, pls help me out

any one here on forum who suggest

????

Hi Fahad,

What kind of traffic are you trying to restrict? Or you just want to restrict bandwidth the link connected to Branch network.

Hope it will help.

Best regards,
Abzal

Just want to restrict bandwidth

Ok, I see.

Then your above configuration should be ok. But bandwidth command it is for dynamic routing protocol metric calculation. It will not reduce actual bandwidth.

interface GigabitEthernet1/0/24

description """Branch Network"""

no switchport

ip address 10.100.100.1 255.255.255.252

service-policy input POLICE

end

ip access-list extended Web

permit ip any any

class-map match-all server

  match access-group name Web

!

policy-map POLICE

class server

  police 256000 8000 exceed-action drop

For SVI interface you need to use hierarchical policy-map.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_52_se/configuration/guide/swqos.html#wp1044737

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_52_se/configuration/guide/swqos.html#wp1767120

Hope it will help.

Best regards,
Abzal

Configuration is ok as per my understanding but bandwidth is not getting restrict, no traffic seen on

Switch#sh policy-map interface gig 1/0/24

  Service-policy input: POLICE

    Class-map: server (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any

Advice please...am I doing some wrong

Removed bandwidth command as dynamic protocol not running, pls correct where I am wrong