[c-nsp] 7600 SVI (vlan interface) Policing

ar ar_djp at yahoo.com
Sat Dec 3 04:04:55 EST 2011 

Hi Ghassan.

Thanks for the info.

Is this regardless of Supervisor engine?
Did they mention if this is considered a bug? if yes, did they gave you the bug id?

Some are saying "mls-qos vlan-based" has to be configured for it to work.

Not sure if this is true, im still searching...

thanks



________________________________
 From: Ghassan.khalil <ghassan.khalil at gmail.com>
To: ar <ar_djp at yahoo.com> 
Cc: "cisco-nsp at puck.nether.net" <cisco-nsp at puck.nether.net> 
Sent: Saturday, December 3, 2011 3:17 PM
Subject: Re: [c-nsp] 7600 SVI (vlan interface) Policing
 
Dears
I faced the same issue with 7613 on interface vlan ingress policing.
After a lot of trials I opened a TAC case and yes it was not supported on interface vlan ingress direction.
The only solution proposed was to apply aggregate policing on the L2 trunks (i.e. All the vlans) which was inconvenient to me.

Regards,
Ghassan

On Dec 3, 2011, at 8:52 AM, ar <ar_djp at yahoo.com> wrote:

> Hi.
> 
> Based on this article: http://www.scribd.com/doc/36278538/Cisco-QoS-6500-7600-Indepth-Design (see notes below),
> 
> ingress policing can be applied on vlan interfaces and L2 switch ports, routed ports.
> 
> But based on my testing, it seems only egress policing is working on vlan interfaces. It's not policing the ingress traffic.
> 
> Anyone has experience on this?
> 
> 
> 
> 
> From the article:
> 
> 
> "While Ingress Policing can be applied to a physical Layer 2 or Layer switch-port, a Routed port
> or a Switched Virtual Interface (i.e. VLAN interface), Egress policing can apply a policy to all of these
> interfaces except a physical Layer 2 switch-port. An Egress Policer cannot be applied to a Layer 2 switch-
> port as it can with Ingress
> Policing. When the Policy Feature Card performs both Ingress and Egress
> policing, it will process ingress policer before egress policer. It is also worth noting that an Ingress and
> Egress policer can exist on a physical interface (or VLAN interface) at the same time."
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/

More information about the cisco-nsp mailing list