[c-nsp] Per port per vlan policing on ME-6524
Lobo
lobotiger at gmail.com
Tue Mar 8 10:33:25 EST 2011
Anyone?
Jose
On 3/4/2011 3:52 PM, Lobo wrote:
> Hey everyone. I've been trying to replicate the per-port per vlan
> policing that we do on our C3750s on an ME-6524 we have in our lab but
> I'm coming across a rejection by the router/switch whenever I attempt
> to apply the policy-map to the SVI.
>
> This is the configuration I'm using:
>
> mac access-list extended AnyMac
> permit any any
> !
> access-list 101 permit ip any any
> !
> class-map match-all L2-Traffic
> match access-group name AnyMac
> class-map match-all IP-Traffic
> match access-group 101
> class-map match-any ALL-TRAFFIC-G1/22
> match input-interface GigabitEthernet1/22
> class-map match-any ALL-TRAFFIC-G1/31
> match input-interface GigabitEthernet1/31
> !
> policy-map VLAN888_CHILD
> class ALL-TRAFFIC-G1/22
> police 3000000 conform-action transmit exceed-action drop
> class ALL-TRAFFIC-G1/31
> police 3000000 conform-action transmit exceed-action drop
> !
> policy-map VLAN888_PARENT
> class L2-Traffic
> trust dscp
> service-policy VLAN888_CHILD
> class IP-Traffic
> trust dscp
> service-policy VLAN888_CHILD
> !
>
> Applying the "parent" policy-map on SVI 888 results in this:
>
> PE03(config-if)#int vl 888
> PE03(config-if)#service-policy input VLAN888_PARENT
> Match input interface is not supported for this interface
> PE03(config-if)#
>
> I've configured "mls qos vlan-based" on the two physical interfaces
> just like we do on our 3750s. ME-6524 is running 12.2(33)SXH6
> Advanced IP Services. Not sure what else I can do considering that
> the specs state that this feature is support on this platform.
>
> Thanks for any tips.
>
> Jose
More information about the cisco-nsp
mailing list