02-13-2007 10:25 AM - edited 03-03-2019 03:44 PM
Hi all,
I have a 6506 with sup720 and PFC3B with this QoS configuration:
!
access-list 102 permit udp any any
!
class-map match-any udp
match access-group 102
!
policy-map 100MB
class udp
police 10000000 5000000 5000000 conform-action transmit exceed-action drop
class class-default
fiar-queue
!
interface GigabitEthernet1/6
no ip address
ip route-cache flow
load-interval 30
service-policy output 100MB
!
interface GigabitEthernet1/6.699
encapsulation dot1Q 699
ip vrf forwarding vpn-1
ip address x.x.x.x 255.255.255.252
When I do a show policy-map...there are no match in the class udp:
class-map: udp (match-any)
Match: access-group 102
police :
10000000 bps 5000000 limit 5000000 extended limit
Earl in slot 5 :
0 bytes
30 second offered rate 0 bps
aggregate-forwarded 0 bytes action: transmit
exceeded 0 bytes action: drop
aggregate-forward 0 bps exceed 0 bps
If I apply the policy-map on subinterface....gi1/6.699 I see traffic within class udp!!
Is it normal this behaviour? Any suggestion?
Many thanks in advance
Gianluca
02-13-2007 10:32 AM
Hi Gianluca,
this is the normal behaviour.
The main interface on a dot1Q trunk "sees" the traffic in the native VLAN on that trunk. I assume that there will be no UDP traffic as you do not even have an IP address defined. So no IP traffic is allowed on G1/6, hence no matches in your policy-map.
The subinterface, however, will get all traffic in VLAN 699 and as an IP address is defined there is most likely also UDP traffic.
Hope this helps!
Regards, Martin
02-13-2007 11:05 AM
Thanks a lot Martin!
But it's a normal behaviour for catalyst 6500 only?
This mean that if I have different sub-interface I'm obliged to configure a QoS policy for each one?
There is no way to have one general policy shared between all the subinterface?
Regards
Gianluca
02-13-2007 11:28 AM
Hello Gianluca,
this is not specific to the 6500.
Whether a policy should be applied to the main or a subinterface depends on the policy. If you f.e. want to police IP traffic you need to apply this to an IP interface.
If you want to queue all traffic through an interface you need a policy applied to the main interface, f.e. matching on cos values.
Hope this helps! Please use the rating system.
Regards, Martin
02-14-2007 07:32 AM
Hi Martin thanks a lot for your support.
But I 've a lot of doubt yet...I'm very confused..
I've a 7500 with the same scenario..with 1 phisical interface and different sub-interface configured on dot1q with ip address and vrf: in this case if apply the policy on the phisical interface I see correctly packet match in the class...So I suppose that the behaviour of the 6500 is a normal behaviour for all the catalyst but not for the router..is it correct?
Now the problem is that I need to configure a policing to limit upstream IP traffic of all the sub-interface upto 200M..I've tried to configure but it doesn't work...
I've tried to use aggregate-policer too...but it doesn't work..
Can you suggest some configuration?
Many thanks
Regards
Gianluca
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: