Re: Rate limit on Catalyst 9300

lazuardinurfaiz1503 · ‎09-30-2020

Hi all.

I have a Catalyst 9300 as Distribution Switch, with several SVI configured for gateway of user VLAN. I want to configure rate limit to 1MBps on 1 of the SVI. Is it posible do do this on Cat9300?

Thank you.

Georg Pauwen · ‎09-30-2020

Hello,

you cannot police the SVI. You need to police each individual port. This is an excerpt from the document linked below:

Policy Map on VLANs

The device supports a VLAN QoS feature that allows the user to perform QoS treatment at the VLAN level (classification and QoS actions) using the incoming frame’s VLAN information. In VLAN-based QoS, a service policy is applied to an SVI interface. All physical interfaces belonging to a VLAN policy map then need to be programmed to refer to the VLAN-based policy maps instead of the port-based policy map.

Although the policy map is applied to the VLAN SVI, any policing (rate-limiting) action can only be performed on a per-port basis. You cannot configure the policer to take account of the sum of traffic from a number of physical ports. Each port needs to have a separate policer governing the traffic coming into that port.

Here is a configuration example which would police all ports to 1Mbit:

class-map CLASS_VLAN_10
match vlan 10
!
policy-map PM_VLAN_10
class CLASS_VLAN_10
police 1000000 conform-action transmit exceed-action drop
!
interface gigabitethernet 1/0/1

switchport mode access

switchport access vlan 10
service-policy input PM_VLAN_10

lazuardinurfaiz1503 · ‎09-30-2020

Hi Georg.

Thanks for your response.

I plan to configure rate limit on SVI that will be use for wireless user. So, those configurations will applied on interface facing APs. Is that correct?