[c-nsp] Cisco 6500 [SUP720-3B]: %QM-4-AGG_POL_EXCEEDED: QoS Hardware Resources Exceeded : Out of Aggregate policers

Tóth András diosbejgli at gmail.com
Fri Oct 7 15:10:56 EDT 2011 

Hi Chris,

This is indeed an expected behavior. There are 2 workarounds.
- Use vlan-based qos instead of port-based qos. [1]
- Disable qos marking statistics with the 'no mls qos marking
statistics' global configuration command.


If you have marking statistics enabled, the statements matched by the
class-maps will be installed into hardware <classes> x <interfaces>
number of times in order to provide granular statistics for each 'set
dscp' statement on every interface where the policy-map is applied.

The downside of this is that the QoS marking statistics will not be
seen from the CLI. You can check the markings in a sniffer capture if
required.


You can use the 'show platform hardware capacity qos' command to
verify the number of aggregate policers used before and after
disabling marking statistics.

[1]: http://www.cisco.com/en/US/products/hw/switches/ps708/products_tech_note09186a00801b42bf.shtml#qm_agg

Best regards,
Andras


On Fri, Oct 7, 2011 at 4:13 PM, Chris Mason <chris at noodles.org.uk> wrote:
> Hi All,
>
> I am running 12.2(18)SXF12a on a Cisco 6500 and I am getting the
> following error message when applying a service policy to an
> interface:
>
> %QM-4-AGG_POL_EXCEEDED: QoS Hardware Resources Exceeded : Out of
> Aggregate policers
>
> I understand the EARL7 SUP720 has a limit of 1023 aggregate policers,
> but I have not configured any policers (aggregate or flow based).
> My service policy is very simple and it is setting dscp based on ACL matches:
>
> policy-map X
>  class AAA
>  set dscp cs6
>  class BBB
>  set dscp af32
>  class CCC
>  set dscp cs3
>
> From what I can see, I am using an aggregate entry for each class
> attached to an interface:
>
> Switch# show mls qos ip GigabitEthernet 2/7
>      Int Mod Dir  Class-map DSCP  Agg  Trust Fl   AgForward-By   AgPoliced-By
>                                   Id         Id
> -------------------------------------------------------------------------------
>     Gi2/7  5  In AAA   48  193     No  0              0              0
>     Gi2/7  5  In BBB   26  194     No  0              0              0
>     Gi2/7  5  In CCC   24  195     No  0              0              0
>     Gi2/7  5  In DDD   18  196     No  0        6338085              0
>
> Is it just a case that the error message is misleading and I can only
> use 1023 classes across the box or is this not expected?
> I know my solution is vlan based and I am going to need to move to
> that, but just checking this is expected and this limit isn't just
> policers.
>
> Thanks,
> Chris
>
> _______________________________________________
> cisco-nsp mailing list  cisco-nsp at puck.nether.net
> https://puck.nether.net/mailman/listinfo/cisco-nsp
> archive at http://puck.nether.net/pipermail/cisco-nsp/
>

More information about the cisco-nsp mailing list