unable to policy switchport interface of CISCO861

christian.pinedo · ‎07-25-2012

Hello,

I'm unable to apply a policing limit in a switchport of the CISCO861 router. This is my configuration:

interface FastEthernet0

service-policy input wired-input

service-policy output wired-output

end

policy-map wired-input

class class-default

police cir 1000000 bc 187500 be 250000

conform-action transmit

exceed-action transmit

violate-action drop

policy-map wired-output

class class-default

police cir 2000000 bc 375000 be 500000

conform-action transmit

exceed-action transmit

violate-action drop

The switchport uses more than 2/1 Mbps and I don't know why. This port is routed through the WAN interface (Fa4). I must be doing somethig bad...

Thanks in advance,

Christian

cadet alain · ‎07-25-2012

Hi,

I think you should apply the policy to the WAN interface or the SVI(BVI).

Regards.

Alain.

Don't forget to rate helpful posts.

christian.pinedo · ‎07-25-2012

Hi,

I can't apply the service-policy to the SVI Interface, I get an error every time I try it.

And If I apply the service-policy to the WAN interface I don't know if I will be able to apply different policies for private networks because the WAN interface is NATed and I think the source-nat is done before the QoS.

Am I wrong??

Christian

cadet alain · ‎07-25-2012

Hi,

if you set dscp for different networks inbound and policeoutbound according to these dscp values then it should work as NAT is only replacing the src IP address but not the Tos byte to my best knowledge.

Regards.

Alain.

Don't forget to rate helpful posts.