[c-nsp] 6500 policing
Jon Lewis
jlewis at lewis.org
Mon Aug 2 13:39:15 EDT 2010
I'm having some trouble with policing on a 6500 (sup720-3bxl) on a
WS-X6416-GBIC port. The port is supposed to be rate-limited to 40mbit/s.
The physical port is configured as a layer 2 port tied to a single vlan
(switchport access vlan ...). Egress policing is applied to the SVI port
interface Vlan2006
service-policy output 40mbit
The policy-map is simply
class-map match-any all
match ip dscp default
policy-map 40mbit
class all
police 40000000 4000000 4000000 conform-action transmit exceed-action drop
The interface counters really don't make much sense. show int g... shows
the physical port is doing 20-25mbit/s in each direction. show int vl2006
claims there's no input and 10mbit/s output traffic. I can live with the
vlan interface counters being bogus, but what I'm seeing is at 20-25mbit/s
output traffic on the gig port, output packets are being dropped and sh
mls qos ip g... shows policed packets incrementing at a pretty good rate.
I'm tempted to reconfigure the physical ports as layer 3 ports to see if
that makes any difference.
I'm doing similar policing on other interfaces and can't recall ever
seeing this behavior.
----------------------------------------------------------------------
Jon Lewis | I route
Senior Network Engineer | therefore you are
Atlantic Net |
_________ http://www.lewis.org/~jlewis/pgp for PGP public key_________
More information about the cisco-nsp
mailing list