[c-nsp] limit bandwidth on 7600 MUX-UNI port

Artyom Viklenko artem at aws-net.org.ua
Sat Oct 30 02:04:55 EDT 2010 

29.10.2010 19:43, Artyom Viklenko пишет:
> 29.10.2010 19:09, Arie Vayner (avayner) пишет:
>> Hi,
>>
>> You should create the policy-map with an aggregate policer as the
>> action.
>> Then on the physical port (the trunk) configure "mls qos vlan-based",
>> and apply the the policy-map you have created on the SVIs (interface
>> vlan) for the relevant VLAN numbers.
>
>
> Thanks! This is what I'm thinking about.
> It works at least for incoming traffic.
> Will make same thing on the other end...

Finally foud possibility to refine configuration.
Now all three vlans in question configured using sub-interfaces and EoMPLS VCs.
Created two aggregate-policers - for in and out trafic - and two policy-maps.
These policy-maps was applied to three sub-ifs.
No it works in both directions as expected.

mls qos aggregate-policer XXX-IN 100000000 19200000 19200000 conform-action transmit exceed-action drop
mls qos aggregate-policer XXX-OUT 100000000 19200000 19200000 conform-action transmit exceed-action drop
!
policy-map xxx-in
   class class-default
      police aggregate XXX-IN
!
policy-map xxx-out
   class class-default
      police aggregate XXX-OUT
!
interface GigabitEthernet1/27.123
  description XXXXXXXXXX
  encapsulation dot1Q 123
  xconnect x.x.x.x yyy123 encapsulation mpls
  service-policy input xxx-in
  service-policy output xxx-out
!
interface GigabitEthernet1/27.160
  description XXXXXXXXXX
  encapsulation dot1Q 160
  xconnect x.x.x.x yyy160 encapsulation mpls
  service-policy input xxx-in
  service-policy output xxx-out
!
interface GigabitEthernet1/27.170
  description XXXXXXXXXX
  encapsulation dot1Q 170
  xconnect x.x.x.x yyy170 encapsulation mpls
  service-policy input xxx-in
  service-policy output xxx-out


#sh policy-map int gi1/27.123
  GigabitEthernet1/27.123

   Service-policy input: xxx-in

     class-map: class-default (match-any)
       Match: any
       police aggregate XXX-IN :
         100000000 bps 19200000 limit 19200000 extended limit
       Earl in slot 5 :
         1760959342 bytes
         30 second offered rate 4421432 bps
         aggregate-forwarded 1760959342 bytes action: transmit
         exceeded 0 bytes action: drop
         aggregate-forward 5276736 bps exceed 0 bps

   Service-policy output: xxx-out

     class-map: class-default (match-any)
       Match: any
       police aggregate XXX-OUT :
         100000000 bps 19200000 limit 19200000 extended limit
       Earl in slot 2 :
         381854031 bytes
         30 second offered rate 1188864 bps
         aggregate-forwarded 381854031 bytes action: transmit
         exceeded 0 bytes action: drop
         aggregate-forward 1021176 bps exceed 0 bps
       Earl in slot 5 :
         44064 bytes
         30 second offered rate 272 bps
         aggregate-forwarded 44064 bytes action: transmit
         exceeded 0 bytes action: drop
         aggregate-forward 272 bps exceed 0 bps

Same for all three sub-ifs as expected.

"Offered rate" values in both directions correspond
to actual trafic.

Now waiting for trafic increase to check drops. :)

Thanks!

>
>>
>> Because you are using an aggregate policer, it would police the
>> aggregate rate between the different interfaces...
>>
>> Arie
>>
>> -----Original Message-----
>> From: cisco-nsp-bounces at puck.nether.net
>> [mailto:cisco-nsp-bounces at puck.nether.net] On Behalf Of Artyom Viklenko
>> Sent: Friday, October 29, 2010 15:36
>> To: cisco-nsp at puck.nether.net
>> Subject: [c-nsp] limit bandwidth on 7600 MUX-UNI port
>>
>> Hi, All!
>>
>> I need advice on the folowing problem.
>>
>>
>> We have customer-faced interface on PE-router (Cisco
>> 7606 with rsp720-3cxl-ge). Interface in question is on
>> WS-X6748-SFP line card. IOS 12.2(33)SRD4 Adv. IP Svc.
>>
>> This interface is configured as switchport with some vlans
>> on it. Also, two sub-interfaces was configured using
>> xconnect (EoMPLS to another PE router).
>>
>> Lets say something like this:
>>
>> interface GigabitEthernet1/27
>> description XXXXXXXXX
>> switchport
>> switchport trunk encapsulation dot1q
>> switchport trunk native vlan 4094
>> switchport trunk allowed vlan 123-129,340,2831
>> switchport mode trunk
>> switchport nonegotiate
>> mtu 9216
>> logging event link-status
>> load-interval 30
>> mls qos vlan-based
>> spanning-tree portfast trunk
>> spanning-tree bpdufilter enable
>> end
>> !
>> interface GigabitEthernet1/27.160
>> description XXXXXXXXXX
>> encapsulation dot1Q 160
>> xconnect x.x.x.x yyy160 encapsulation mpls
>> end
>> !
>> interface GigabitEthernet1/27.170
>> description XXXXXXXXXX
>> encapsulation dot1Q 170
>> xconnect x.x.x.x yyy170 encapsulation mpls
>> end
>>
>> I need to limit total bandwidth for VLANs 123,160,170
>> to some value (100m, for example).
>>
>> I understand that there is need for aggregate policer
>> in this case - one was created.
>>
>> But what I'm can't figure out how to apply this policer
>> to only thrafic in seectded vlan-s.
>>
>> I can't apply service-policies on interface itself and
>> on sub-interfaces. Also, I'cant apply policy-map with
>> match vlan (or match input vlan) class-map...
>>
>>
>> Please, point me in right direction!
>>
>> Thanks in advance!
>>
>
>


-- 
             Sincerely yours,
                                Artyom Viklenko.
-------------------------------------------------------
artem at aws-net.org.ua | http://www.aws-net.org.ua/~artem
artem at viklenko.net   | JID: artem at jabber.aws-net.org.ua
FreeBSD: The Power to Serve   -  http://www.freebsd.org

More information about the cisco-nsp mailing list