[c-nsp] 6500 policing
Justin M. Streiner
streiner at cluebyfour.org
Mon Aug 2 10:01:06 EDT 2010
On Mon, 2 Aug 2010, Jon Lewis wrote:
> I'm having some trouble with policing on a 6500 (sup720-3bxl) on a
> WS-X6416-GBIC port. The port is supposed to be rate-limited to 40mbit/s. The
> physical port is configured as a layer 2 port tied to a single vlan
> (switchport access vlan ...). Egress policing is applied to the SVI port
>
> interface Vlan2006
> service-policy output 40mbit
>
> The policy-map is simply
>
> class-map match-any all
> match ip dscp default
> policy-map 40mbit
> class all
> police 40000000 4000000 4000000 conform-action transmit exceed-action
> drop
>
> The interface counters really don't make much sense. show int g... shows the
> physical port is doing 20-25mbit/s in each direction. show int vl2006 claims
> there's no input and 10mbit/s output traffic. I can live with the vlan
> interface counters being bogus, but what I'm seeing is at 20-25mbit/s output
> traffic on the gig port, output packets are being dropped and sh mls qos ip
> g... shows policed packets incrementing at a pretty good rate.
>
> I'm tempted to reconfigure the physical ports as layer 3 ports to see if that
> makes any difference.
>
> I'm doing similar policing on other interfaces and can't recall ever seeing
> this behavior.
What IOS version are you running?
jms
More information about the cisco-nsp
mailing list