[c-nsp] Cisco 7600 rate limiting

Frank Bulk frnkblk at iname.com
Wed Jul 22 20:30:31 EDT 2009 

Try this, it's been working for us (after much head bashing)

==========================================
mls qos

class-map match-any customer-networks
  match access-group name customer-policer_inbound
  match access-group name customer-policer_outbound

policy-map customer-policer
  class customer-networks
   police 4000000    conform-action transmit     exceed-action drop
violate-action drop

interface Vlan203
 description CUSTOMER
 ip address x.x.x.x x.x.x.x
 mls qos bridged
 service-policy input customer-policer
 service-policy output customer-policer
end

interface GigabitEthernet1/14
 description TRUNK PORT
 switchport
 switchport trunk encapsulation dot1q
 switchport trunk allowed vlan 1,203
 switchport mode trunk
 speed 100
 duplex full
 mls qos vlan-based
!
==========================================

Regards,

Frank

-----Original Message-----
From: cisco-nsp-bounces at puck.nether.net
[mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Walter Keen
Sent: Wednesday, July 22, 2009 5:04 PM
To: cisco-nsp at puck.nether.net
Subject: [c-nsp] Cisco 7600 rate limiting

Any suggestions on this?

I'm trying to rate-limit a vlan at X mbit (4 in this case) and seeing 
rate-limiting working downstream to the customer but not when traffic is 
originating from the customer.

Customer access is via a dot1q trunk (with a switch at the cust. site 
handing off untagged traffic for that vlan)

7600 hardware is a 7606-s, rsp720-3cxl, running 12.2(33)SRC2, with a 
single ws-6724sfp card.  Both the dot1q trunk bringing in customer 
connections and the routed port it's destined for exist on the same card.

class-map match-any RATELIMIT-4mbit
  match any
policy-map TEST-4mbit
 description TESTING-ONLY
  class RATELIMIT-4mbit
   police cir 4000000
    conform-action transmit
    exceed-action drop
    violate-action drop
interface Vlan1060
 ip address 69.10.218.9 255.255.255.248
 service-policy input TEST-4mbit
 service-policy output TEST-4mbit
!

_______________________________________________
cisco-nsp mailing list  cisco-nsp at puck.nether.net
https://puck.nether.net/mailman/listinfo/cisco-nsp
archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list