Buy or Renew
Buy or Renew
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
920
Views
0
Helpful
4
Replies

QOS Policing

Go to solution
CSCO12348032
Level 1
Level 1

‎05-28-2018 12:15 AM - edited ‎03-08-2019 03:09 PM

Looking for some advice regarding Policing traffic.

 

We have 6509 switches at one site that connect to 3750 switches at another site via a 100Mb/s link.

 

police bps burst-normal burst-max conform-action action exceed-action action violate-action action

 

I was looking to limit the backup traffic that we send over this link to a max of 95Mb/s, to ensure that I have 5Mb/s free for other traffic (firewall failover). 

 

I read something that Cisco recommends the following

 

normal burst = configured rate * (1 byte)/(8 bits) * 1.5 seconds

extended burst = 2 * normal burst

 

So basing it on this I configured the policing like so

 

police 95000000 17812 35625    conform-action transmit     exceed-action drop     violate-action drop

 

However the switch changed this to 

 

police 95000000 47500 35625    conform-action transmit     exceed-action drop     violate-action drop

 

I can see the following

 

show mls qos ip fa9/47
[In] Default. [Out] Policy map is Policy_Commvault
QoS Summary [IPv4]: (* - shared aggregates, Mod - switch module)

Int Mod Dir Class-map DSCP Agg Trust Fl AgForward-By AgPoliced-By
Id Id
-----------------------------------------------------------------------------------
Fa9/47 6 In Default 0 0* No 0 518833477507 0
Fa9/47 6 Out Class_Comm 0 1 -- 0 501275078239 7279440743

 

The problem I have is that when I look at the traffic on the other end of the link it is reaching 98Mb/s so it appears that the policing isn't working properly.

 

Any ideas what I am doing wrong ?

Labels:
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
Georg Pauwen
VIP
VIP
In response to CSCO12348032

‎05-28-2018 04:02 AM

Hello,

 

the first number is in bits, the second and third is in bytes. The math is still the same:

 

policed rate 95000000

normal burst (in bytes): 95000000/8 * 1.5 = 17812500

excess burst (normal burst * 2)) = 35625000

 

The limits are platform dependent, so in your case, 32000000 for the excess burst is close enough to the 'real' value.

 

Either way, did that make a difference with regard to limiting your rate to 95MB ?

 

View solution in original post

0 Helpful
4 Replies 4

Go to solution
Georg Pauwen
VIP
VIP

‎05-28-2018 12:38 AM

Hello,

 

the burst/extended burst values you have originally configured look extremely low. Try these:

 

police 95000000 17812500 35625000

0 Helpful

Go to solution
CSCO12348032
Level 1
Level 1
In response to Georg Pauwen

‎05-28-2018 01:35 AM

extended burst (be) must be between 1000 and 32000000 for this interface
Configuration failed!

 

So I changed it to this

 

police 95000000 17812500 32000000 conform-action transmit exceed-action drop violate-action drop

 

The reason I had it the way I had it originally as I thought the first number was in bps, but the second and third numbers were in bytes

0 Helpful

Go to solution
Georg Pauwen
VIP
VIP
In response to CSCO12348032

‎05-28-2018 04:02 AM

Hello,

 

the first number is in bits, the second and third is in bytes. The math is still the same:

 

policed rate 95000000

normal burst (in bytes): 95000000/8 * 1.5 = 17812500

excess burst (normal burst * 2)) = 35625000

 

The limits are platform dependent, so in your case, 32000000 for the excess burst is close enough to the 'real' value.

 

Either way, did that make a difference with regard to limiting your rate to 95MB ?

 

0 Helpful

Go to solution
CSCO12348032
Level 1
Level 1
In response to Georg Pauwen

‎05-28-2018 04:11 AM

Thanks for explaining it.

 

I will let you know.  There is no a lot of traffic going over the link at present.

0 Helpful
Customers Also Viewed These Support Documents
Review Cisco Networking for a $25 gift card