04-21-2012 06:30 AM - edited 03-07-2019 06:15 AM
Hi,
<SW1>--------(Router)--------<SW2>
I've 4 servers (10.1.1.89, 10.1.1.90, 10.1.1.91, 10.1.1.92) in vlan20 on SW1 and 4 servers in VLAN 21(10.1.1.121, 10.1.1.122, 10.1.1.123, 10.1.1.124) on SW2.
on SW1: I've to limit b/w for traffic going out from those 4 servers to 20M. I don't want limit b/w for others servers in vlan20.
on SW2: I've to limit b/w for traffic going out from those 4 servers to 20M. I don't want limit b/w for others servers in vlan21.
in which direction should I apply service policy on vlan interface(would it be in "in" direction or "out" direction)?
below is the configuration that I built.
SW1:
access-list extended SERVERS permit ip host 10.1.1.89 any
access-list extended SERVERS permit ip host 10.1.1.90 any
access-list extended SERVERS permit ip host 10.1.1.91 any
access-list extended SERVERS permit ip host 10.1.1.92 any
class-map match-all SERVERS-HOST
match access-group SERVERS
policy-map BW-LIMIT
class SERVERS-HOST
shape average 20000000
class class-default
fair-que
int vlan20
service-policy in BW-LIMIT
====
SW2:
access-list extended SERVERS permit ip host 10.1.1.121 any
access-list extended SERVERS permit ip host 10.1.1.122 any
access-list extended SERVERS permit ip host 10.1.1.123 any
access-list extended SERVERS permit ip host 10.1.1.124 any
class-map match-all SERVERS-HOST
match access-group SERVERS
policy-map BW-LIMIT
class SERVERS-HOST
shape average 20000000
class class-default
fair-que
int vlan21
service-policy in BW-LIMIT
Please advise. Thanks in advance...
04-21-2012 08:44 AM
Switches are not good for traffic shapping. Do that on router.
04-21-2012 10:08 AM
Hi,
these switches are nexus 7K so I'm pretty sure it won't be any issue.
04-21-2012 06:06 PM
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
I haven't worked with the Nexus series, but generally you can't shape ingress (although you can police).
Normally in vs. out on an interface, VLAN or otherwise, is similar to ACLs, i.e. in for ingress traffic to that interface and out for egress traffic on the interface. Since you note the servers are on those VLANs, you could police them as the traffic ingresses the interface they are connected to or police/shape the traffic to the servers as it egresses the interface toward them. (Normally you want to police or shape ASAP.) Although since you didn't describe the topology in full, from what you did describe, the traffic might bypass the switch(es) VLAN interface(s) going between VLANs 20 and 21.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide