[c-nsp] Limit port usage on a cisco 3550

Yuri Selivanov uri at tomsknet.ru
Wed Jun 2 23:21:10 EDT 2010 

		Hi Mohammad!

> as i see from the document that egress policing on regular port is not supported 
> so what is the way that i can use to limit the speed ?

	There're two ways to do that:

 #1: As Chris has already pointed out you can do policing on your uplink
     port (I used rudimentary trunk on uplink and SVI-based policy but
     you can use a regular single-level policy in case of access-port):

!
mls qos
!
interface FastEthernet1/0/1
 description UPLINK
 switchport trunk encapsulation dot1q
 switchport trunk native vlan 12
 switchport trunk allowed vlan 12
 switchport mode trunk
 switchport nonegotiate
 mls qos vlan-based
 no cdp enable
 spanning-tree portfast trunk
 spanning-tree bpdufilter enable
!
interface Vlan12
 no ip address
 service-policy input VLAN_12_DOWNSTREAM
!
!
ip access-list extended INTERESTED-TRAFFIC
 permit ip any any
!
!
class-map match-all INTERESTED-TRAFFIC
  match access-group name INTERESTED-TRAFFIC
!
class-map match-all RCVD_FROM_UPLINK
  match input-interface  FastEthernet1/0/1
!
!
policy-map VLAN_12_DOWNSTREAM
  class INTERESTED-TRAFFIC
   set dscp cs1
   service-policy CIR_512K
!
policy-map CIR_512K
  class RCVD_FROM_UPLINK
    police 512000 51200 exceed-action drop
!
!

#2 : Or you can use SRR features on outgoing (downlink) port:

 2a: Per-port BW limit (bad granularity and precision)

     srr-queue bandwidth limit [10..90 percents of PHY speed]

 
 2b: Per-Q BW limit -- map your interesting traffic to a specific queue and
     shape it down by using:

     srr-queue bandwidth shape  0 10 0 0

     Where "10" stands for 1/10th of PHY speed limit for Q2 (which serves
     CS1 by default).
     
     
	HTH! 

[snip]	

> > > i have the same request , i want ti police outbound traffic on a Layer 2 port
> > > i have Cisco ME3750 with c3750me-i5-mz.122-35.SE5 IOS image
> > 
> > 	You tried to apply egress policy to a regular (non-ES) interface
> > which is not supported:
> > 
> >   http://tinyurl.com/3yctyjn
> > 
> > 	AFAIR, ME3750's regular ports behave identically to 3750/3560 in
> > terms of qos.

-- 
Best Regards,
Yuri Selivanov

More information about the cisco-nsp mailing list