[c-nsp] 3550 QoS not working as expected
Tim Devries
tdevries at northrock.bm
Thu Jan 6 19:27:00 EST 2005
There is no non-IP traffic, and I did a sh arp/verified the interface IP's
in the ACL. I'm going to try it for the sake of it, though if I've got arp
entries that aren't showing that might be a bigger problem ;-0
I guess if that fails I will be trying another version over the weekend, and
I'll see if that helps.
I would also like rate-limiting to work, because according to
http://www.cisco.com/en/US/products/hw/switches/ps646/ps3816/index.html
"For the first time, customers can deploy network-wide intelligent services,
such as advanced quality of service (QoS), **rate-limiting**, Cisco security
access control lists, multicast management, and high-performance IP
routing-while maintaining the simplicity of traditional LAN switching."
...it should, but I've been unable to find how, and the usual command set
doesn't seem to work. Am I missing something here? My immediate thoughts
are that perhaps something other than traditional rate-limiting commands is
implied?
Thanks,
Tim
-----Original Message-----
From: Nick Shah
To: Tim Devries; cisco-nsp at puck.nether.net
Sent: 1/6/05 7:57 PM
Subject: RE: [c-nsp] 3550 QoS not working as expected
Tim
Sorry, you don't _have_to use aggregate policer. You could.
Is there any non-ip traffic ? If so, You can create an extra match, and
then use an aggregate policer to police it at 3MB. I would also change
the IP ACL 102 to match ip any any, just to test it.
mls qos aggregate-policer fas0-01-ipolicer 3000000 8000 exceed-action
drop
class-map match-all MATCH-MAC
match access-group name MAC-ACL
mac access-list extended MAC-ACL
permit any any
policy-map customerA
class customerA
police aggregate fas0-01-ipolicer
class MATCH-MAC
police aggregate fas0-01-ipolicer
Rgds
Nick
---------------------------------------------------------------
Well, this is my current config:
Mls qos
!
class-map match-all customerA
match access-group 102
!
!
policy-map customerA
class customerA
police 3000000 8000 exceed-action drop
!
!
!
interface FastEthernet0/1
description CustomerA - 3MB/s
switchport access vlan 4
switchport mode access
switchport protected
bandwidth 3000
mls qos monitor packets
service-policy history
service-policy input customerA
no cdp enable
spanning-tree portfast
!
access-list 102 permit ip x.x.x.x 0.0.0.15 any
I made some changes through the day like applying it ingress w/
access-list etc., however, it still spikes up to 5-6Mb. In all of the
documentation I've read, I didn't see anything regarding the aggregate
as being a
necessary configuration step. I guess I'm wondering if it should work
without an aggregate policer, because at least with this IOS version and
my current configuration it doesn't.
When I do a
Colo-3550#sh mls qos int fa0/1 stat
FastEthernet0/1
Ingress
dscp: incoming no_change classified policed dropped (in pkts)
Others: 38469779 38379716 90063 0 190138
Egress
dscp: incoming no_change classified policed dropped (in pkts)
Others: 33285081 n/a n/a 0 0
Colo-3550#
I see packets being dropped, but in my monitoring software I still see
it spiking up to 5-6Mb.
Thanks,
Tim
------------------------------------------------------------------------
------
This communication, including any attachments, is confidential. If
you are not the intended recipient, you should not read it - please
contact me immediately, destroy it, and do not copy or use any part of
this communication or disclose anything about it.
------------------------------------------------------------------------
------
More information about the cisco-nsp
mailing list