Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
669
Views
9
Helpful
4
Replies

CBWFQ on 6500 sup720

cannone78
Level 1
Level 1

‎02-13-2007 10:25 AM - edited ‎03-03-2019 03:44 PM

Hi all,

I have a 6506 with sup720 and PFC3B with this QoS configuration:

!

access-list 102 permit udp any any

!

class-map match-any udp

match access-group 102

!

policy-map 100MB

class udp

police 10000000 5000000 5000000 conform-action transmit exceed-action drop

class class-default

fiar-queue

!

interface GigabitEthernet1/6

no ip address

ip route-cache flow

load-interval 30

service-policy output 100MB

!

interface GigabitEthernet1/6.699

encapsulation dot1Q 699

ip vrf forwarding vpn-1

ip address x.x.x.x 255.255.255.252

When I do a show policy-map...there are no match in the class udp:

class-map: udp (match-any)

Match: access-group 102

police :

10000000 bps 5000000 limit 5000000 extended limit

Earl in slot 5 :

0 bytes

30 second offered rate 0 bps

aggregate-forwarded 0 bytes action: transmit

exceeded 0 bytes action: drop

aggregate-forward 0 bps exceed 0 bps

If I apply the policy-map on subinterface....gi1/6.699 I see traffic within class udp!!

Is it normal this behaviour? Any suggestion?

Many thanks in advance

Gianluca

Labels:
0 Helpful
4 Replies 4

mheusinger
Level 10
Level 10

‎02-13-2007 10:32 AM

Hi Gianluca,

this is the normal behaviour.

The main interface on a dot1Q trunk "sees" the traffic in the native VLAN on that trunk. I assume that there will be no UDP traffic as you do not even have an IP address defined. So no IP traffic is allowed on G1/6, hence no matches in your policy-map.

The subinterface, however, will get all traffic in VLAN 699 and as an IP address is defined there is most likely also UDP traffic.

Hope this helps!

Regards, Martin

0 Helpful

cannone78
Level 1
Level 1
In response to mheusinger

‎02-13-2007 11:05 AM

Thanks a lot Martin!

But it's a normal behaviour for catalyst 6500 only?

This mean that if I have different sub-interface I'm obliged to configure a QoS policy for each one?

There is no way to have one general policy shared between all the subinterface?

Regards

Gianluca

0 Helpful

mheusinger
Level 10
Level 10
In response to cannone78

‎02-13-2007 11:28 AM

Hello Gianluca,

this is not specific to the 6500.

Whether a policy should be applied to the main or a subinterface depends on the policy. If you f.e. want to police IP traffic you need to apply this to an IP interface.

If you want to queue all traffic through an interface you need a policy applied to the main interface, f.e. matching on cos values.

Hope this helps! Please use the rating system.

Regards, Martin

cannone78
Level 1
Level 1
In response to mheusinger

‎02-14-2007 07:32 AM

Hi Martin thanks a lot for your support.

But I 've a lot of doubt yet...I'm very confused..

I've a 7500 with the same scenario..with 1 phisical interface and different sub-interface configured on dot1q with ip address and vrf: in this case if apply the policy on the phisical interface I see correctly packet match in the class...So I suppose that the behaviour of the 6500 is a normal behaviour for all the catalyst but not for the router..is it correct?

Now the problem is that I need to configure a policing to limit upstream IP traffic of all the sub-interface upto 200M..I've tried to configure but it doesn't work...

I've tried to use aggregate-policer too...but it doesn't work..

Can you suggest some configuration?

Many thanks

Regards

Gianluca

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card