[c-nsp] Applying output rate limit at 6500/SUP720 platform
Manuel García Montero
magamo79 at gmail.com
Mon Jun 29 03:57:30 EDT 2009
Hi,
we are facing difficulties trying to limit the rate at an interfaz in a
6509/SUP720 (IOS image s72033-pk9sv-mz.122-18.SXD1.bin).
We want to limite the output rate at a Gigabit port connected directly to
Customer Equipment. That port is configured at swithport mode, and we have
all level 3 configuration at VLAN interface (1)
In that vlan interface we have try 3 different configurations (2) to
establish the output rate limit, and while all of them should work, they
dont, beacause the rate seen at the vlan interface is lower than the Gigabit
interface, which is correct:
6.2#sh interfaces GigabitEthernet 1/11 | i rate
Queueing strategy: fifo
30 second input rate 221436000 bits/sec, 60004 packets/sec
30 second output rate 456426000 bits/sec, 67772 packets/sec
6.2#sh interfaces vlan20 | i rate
Queueing strategy: fifo
30 second input rate 228770000 bits/sec, 61961 packets/sec
30 second output rate 89869000 bits/sec, 23914 packets/sec
As your can see, input rates are more or less the same in both interfaces,
but output rate at vlan is a lot lower than the real value (shown at
physical port), so all packets are getting conform policy applied, transmit,
with no drops to reduce the rate.
Which can be the cause of this issue?
Theres also the chance to move layer3 config to physical interface, which
would solve the issue as that interface can see correct rates.
*******************************************
(1) Relevant interface / general configuration
*******************************************
interface GigabitEthernet1/11
description CUSTOMER_Principal
no ip address
load-interval 30
switchport
switchport access vlan 20
switchport mode access
end
interface Vlan20
ip address 10.160.0.19 255.255.255.240
ip access-group 122 in
no ip redirects
ip wccp 97 redirect in
ip wccp 98 redirect in
ip multicast netflow egress
ip route-cache flow
no ip mroute-cache
load-interval 30
standby 55 ip 10.160.0.17
standby 55 priority 150
standby 55 preempt
end
mls ip multicast flow-stat-timer 9
mls aging long 64
mls aging normal 60
mls flow ip destination-source
no mls flow ipv6
mls qos
mls cef error action freeze
*******************************************
(2) Configuration to limit the output rate:
*******************************************
1. rate-limit
interface Vlan20
rate-limit output 425000000 212500 212500 conform-action transmit
exceed-action drop
2. service-policy with rate-limit
policy-map CUSTOMER_OUT
class class-default
police 425000000 conform-action transmit exceed-action drop
!apply police to interfaz
interface vlan20
service-policy output CUSTOMER
3. service-policy with aggregate policer
mls qos aggregate-policer CUSTOMER_OUT 425000000 106250 conform-action
transmit exceed-action drop
!
policy-map CUSTOMER_OUT
class class-default
police aggregate CUSTOMER_OUT
!apply police to interfaz
interface vlan20
service-policy output CUSTOMER
Regards,
More information about the cisco-nsp
mailing list