[c-nsp] Class-based policing problem
Paolo Lucente
pl+list at pmacct.net
Wed Nov 28 05:01:50 EST 2007
Hi Justin,
Policing is not supported on SVIs; whereas CAR is. I came across this
issue myself while playing around with a 870 and a 1721 (WIC-4ESW).
Seems the Cisco document below is confirming this:
http://www.cisco.com/en/US/products/ps5855/products_white_paper0900aecd8064c9f4.shtml
Cheers,
Paolo
On Tue, Nov 27, 2007 at 05:44:37PM -0600, Justin Shore wrote:
> I'm trying to configure class-based policing on a 2821 running
> 12.4(11)T1. I have a interface on a NM-16ESW configured for an access
> VLAN. The SVI for that VLAN is what I'm trying to apply the policy to.
> Here's what I'm working with:
>
> class-map match-all customer-class
> match access-group 12
> !
> policy-map customer-policing
> class customer-class
> police 5000000 937500 1875000 conform-action transmit exceed-action
> drop
> !
>
> ACL 12 is a standard ACL with the subnet of the customer in question.
> When I try to configure the service-policy on the SVI I get this error:
>
> 2821-1.clr(config-if)#service-policy input customer-policing
> Configuration failed!
>
> Is class-based policing supported on these interfaces and on this
> hardware? I've always used CAR for these applications but it was not
> giving the results I was hoping for. That's what I'm trying policing
> instead. Have I configured class-based policing correctly? My goal is
> to rate-limit traffic to 5Mbps symmetric.
>
> I'm working from the examples on this page:
>
> http://tinyurl.com/2c9r6d
>
> Thanks
> Justin
More information about the cisco-nsp
mailing list