[c-nsp] Catalyst 3550 bandwidth limit per vlan

Andrey A. Ryazanov sg at di-net.ru
Sun Jun 12 08:35:09 EDT 2005 

Generally you may have several physical ports within a single VLAN. Also some of these 
ports may be trunk ports, eg. carrying more than one VLAN simultaneously. One part of the 
traffic will pass at L2 from one physical port to another, while the other part will pass 
at L3 through the SVI towards the rest of your IP network.

You are need to choose what you want excatly the switch to do for you:

1) police each whole physical port at some value. The regular policer will help you here.

policy-map each-port-limit
class class-default
police 1000000 125000 exceed-action drop

int fa0/5
service-policy input each-port-limit

int fa0/12
service-policy input each-port-limit

int fa0/15
service-policy input each-port-limit

With this configuration applied _each_ of three ports will be limited up to 1Mbps.

2) police all traffic together coming from all of the physical ports. The aggregate 
policer will help you here.

mls qos aggregate-policer agg-policer 1000000 125000 exceed-action drop

policy-map agg-limit
class class-default
police aggregate agg-policer

int fa0/5
service-policy input agg-limit

int fa0/12
service-policy input agg-limit

int fa0/15
service-policy input agg-limit

Those, all the traffic coming from these three ports will be limited up to 1Mbps.

3) Police a specific VLAN number on a physical trunk port. 

class-map vlan5
match vlan 5
match class-map class-default

policy-map vlan5-limit
class vlan5
police 2000000 250000 exceed-action drop

int fa0/5
service-policy input vlan5-limit

After you apply this configuration, the traffic with VLAN ID 5 coming from a trunk port 
fa0/5 will be policed at 2Mbps.

4) any combinations of above

So the choice is up to you.

But always keep in mind there's a hardware limit on a number of aggregate and non-
aggregate policers.

Andrey Ryazanov
Digital Network JSC
+7 095 723 8332 ext. 203

---------- Original Message -----------
From: Alain Cocconi <cocconi at canl.net>
To: cisco-nsp at puck.nether.net
Sent: Sat, 11 Jun 2005 13:09:44 +1100
Subject: [c-nsp] Catalyst 3550 bandwidth limit per vlan

> Hello,
> 
> I'm searching how to limit bandwidth on a vlan subinterface in a C3550, I 
> know hos to do it with router, but this is not working for the catalyst (it 
> say thats policy is not permit on suninterface).
> Does anyone knows how to do it ?
> 
> Thanks
> 
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
------- End of Original Message -------

More information about the cisco-nsp mailing list