[c-nsp] Policing on a 3560
Justin Shore
justin at justinshore.com
Tue Aug 4 16:30:21 EDT 2009
I'm having a little trouble doing something that should be simple. I'm
using a 3560 as a CPE to break up multiple services and bind them to
unique switchports. I don't normally use 3560s for this. The port in
question is for a 10Mbp PtP with no SLA across our backbone.
What I currently have is apparently not doing anything and I fail to see
the flaw in my logic:
class-map match-all ALL
!
!
policy-map Re-color-BE
description Police to 10Mbps CIR - Re-color ALL to BE
class ALL
police 10000000 8000 exceed-action drop
set ip dscp default
This is my QoS trust boundary so I'm re-coloring to 0 and setting muy
CIR to 10Mbps. The switch wouldn't let me define 'match any' in the
class-map. I suspect that I'm not matching anything because of that. I
want to match anything coming in that interface and police it to the CIR
and drop everything else. I must be missing something but I'm not sure
what it is. Is there something unique about this platform? The IOS is
12.2(50)SE1.
Thanks
Justin
More information about the cisco-nsp
mailing list