[c-nsp] Cisco 3550 counters and QoS

Anthony D Cennami acennami at neupath.com
Tue Aug 24 11:57:21 EDT 2004 

-----BEGIN PGP SIGNED MESSAGE-----
Hash: SHA1

Have you factored in the packet overhead for your dot1q trunk?


Marco Matarazzo wrote:
| Hi all,
|
| usual question about counters... ;)
|
| I've setup a 3550-48 SMI in a lab, one port is a layer3 port, the
other one
| a layer2 trunk to the rest of the network.
| I've applied an inbound and an outbound policy to the layer3 port, to
police
| the traffic at 1Mbps. This is the relevant part of the configuration:
|
| IOS (tm) C3550 Software (C3550-I9Q3L2-M), Version 12.1(22)EA1, RELEASE
| SOFTWARE (fc1)
|
| mls qos
|
| class-map match-any all_traffic
|   match ip dscp 0
|
| policy-map 1MbpsIN
|   class all_traffic
|     police 1024000 192000 exceed-action drop
| policy-map 1MbpsOUT
|   class all_traffic
|     police 1024000 192000 exceed-action drop
|
| interface FastEthernet0/2
|  description CustomerPort
|  no switchport
|  ip address x.x.x.x 255.255.255.0
|  service-policy input 1MbpsIN
|  service-policy output 1MbpsOUT
|  no cdp enable
|
| interface FastEthernet0/48
|  description TrunkCust3Gig1
|  switchport trunk encapsulation dot1q
|  switchport trunk allowed vlan 1,6,1002-1005
|  switchport mode trunk
|
| Now the weird part:
|
| If I download anything on the customer machine, traffic gets policed at
| 1Mbps (5 minute average, I'm using the usual mrtg), and I can see on the
| graphs a nice almost flat line on egress on the layer3 interface, and
a nice
| almost flat line on ingress on the trunk. All fine.
|
| If I upload anything from the customer machine, the traffic gets
policed at
| 1Mbps, but on the graphs, I see on the ingress of the layer3 interface
| 1.20Mbps, and on the egress of the trunk the nice flat line at 1Mbps.
| Checking the ftp client, I can see it's uploading at 125KBps (that's
| 1Mbps!), checking the "sh int":
|
|   Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0
|   Queueing strategy: fifo
|   Output queue: 0/40 (size/max)
|   5 minute input rate 1270000 bits/sec, 107 packets/sec << Should be
lower!
|   5 minute output rate 39000 bits/sec, 68 packets/sec
|
| Now, it wouldn't be a big problem (traffic gets policed correctly anyway),
| but billing on the layer3 counters becomes impossible, as there's a 20%
| difference on real traffic used! It there something wrong I'm doing? Any
| ideas?
|
| Thanks!
| ]\/[arco
|
| _______________________________________________
| cisco-nsp mailing list  cisco-nsp at puck.nether.net
| https://puck.nether.net/mailman/listinfo/cisco-nsp
| archive at http://puck.nether.net/pipermail/cisco-nsp/

- --
: Anthony D Cennami
: Managing Partner
: NeuPATH, LLC
: acennami at neupath.com
: [PGP KeyID] 0x51cdd6bd

CONFIDENTIALITY NOTICE:  The information contained herein,
including Message Body, Attachment(s) and Recipients, is
confidential in nature and intended only for the delivery
to and Authorized Use by aforementioned and included
Recipients, Addressee(s), Entities and Authorized
Delivery Agents effecting the confidential dissemination
of the information contained herein to said parties.
If you are not an intended recipient of this communication
please take notice that any redistribution or copying of
this message, or any data or attachments included, is
UNAUTHORIZED and may be unlawful.  If you believe you
received this communication in error please immediately
destroy all copies and/or reference related hereto and
immediately notify the sender.
-----BEGIN PGP SIGNATURE-----
Version: GnuPG v1.2.4 (MingW32)
Comment: Using GnuPG with Netscape - http://enigmail.mozdev.org

iD8DBQFBK2Vh7cvhxFHN1r0RAvOiAJ92yQ7ByPqB4CFDNUzi3m5IsVEuXACeLsNJ
lrm2bA0pm4lbxlswfZRUo7g=
=cP5p
-----END PGP SIGNATURE-----

More information about the cisco-nsp mailing list