[c-nsp] 3550 QoS not working as expected

Tim Devries tdevries at northrock.bm
Thu Jan 6 19:27:00 EST 2005


 
There is no non-IP traffic, and I did a sh arp/verified the interface IP's
in the ACL.  I'm going to try it for the sake of it, though if I've got arp
entries that aren't showing that might be a bigger problem ;-0

I guess if that fails I will be trying another version over the weekend, and
I'll see if that helps.

I would also like rate-limiting to work, because according to

http://www.cisco.com/en/US/products/hw/switches/ps646/ps3816/index.html

"For the first time, customers can deploy network-wide intelligent services,
such as advanced quality of service (QoS), **rate-limiting**, Cisco security
access control lists, multicast management, and high-performance IP
routing-while maintaining the simplicity of traditional LAN switching."

...it should, but I've been unable to find how, and the usual command set
doesn't seem to work.  Am I missing something here?  My immediate thoughts
are that perhaps something other than traditional rate-limiting commands is
implied?

Thanks,

Tim

-----Original Message-----
From: Nick Shah
To: Tim Devries; cisco-nsp at puck.nether.net
Sent: 1/6/05 7:57 PM
Subject: RE: [c-nsp] 3550 QoS not working as expected



Tim

Sorry, you don't _have_to use aggregate policer. You could. 


Is there any non-ip traffic ? If so, You can create an extra match, and
then use an aggregate policer to police it at 3MB. I would also change
the IP ACL 102 to match ip any any, just to test it. 

mls qos aggregate-policer fas0-01-ipolicer 3000000 8000 exceed-action
drop

class-map match-all MATCH-MAC
  match access-group name MAC-ACL

mac access-list extended MAC-ACL
 permit any any


policy-map customerA
  class customerA 
    police aggregate fas0-01-ipolicer 
  class MATCH-MAC
	police aggregate fas0-01-ipolicer 

Rgds

Nick

---------------------------------------------------------------
Well, this is my current config:

 Mls qos 
 ! 
 class-map match-all customerA
    match access-group 102 
 ! 
 ! 
 policy-map customerA
  class customerA 
    police 3000000 8000 exceed-action drop 
 ! 
 ! 
 ! 
 interface FastEthernet0/1 
 description CustomerA - 3MB/s 
 switchport access vlan 4 
 switchport mode access 
 switchport protected 
 bandwidth 3000 
 mls qos monitor packets 
 service-policy history 
 service-policy input customerA 
 no cdp enable 
 spanning-tree portfast 
 !
 access-list 102 permit ip x.x.x.x 0.0.0.15 any

I made some changes through the day like applying it ingress w/
access-list etc., however, it still spikes up to 5-6Mb.  In all of the
documentation I've read, I didn't see anything regarding the aggregate
as being a
necessary configuration step.   I guess I'm wondering if it should work
without an aggregate policer, because at least with this IOS version and
my current configuration it doesn't.

When I do a

Colo-3550#sh mls qos int fa0/1 stat
FastEthernet0/1
Ingress
  dscp: incoming   no_change  classified policed    dropped (in pkts)
Others: 38469779   38379716   90063      0          190138
Egress
  dscp: incoming   no_change  classified policed    dropped (in pkts)
Others: 33285081      n/a       n/a      0          0

Colo-3550#

I see packets being dropped, but in my monitoring software I still see
it spiking up to 5-6Mb.

Thanks,

Tim



------------------------------------------------------------------------
------
This communication, including any attachments, is confidential. If 
 you are not the intended recipient, you should not read it - please 
 contact me immediately, destroy it, and do not copy or use any part of 
 this communication or disclose anything about it.

------------------------------------------------------------------------
------


More information about the cisco-nsp mailing list