Rate limit on 3560 not functioning

Unanswered Question
Sep 10th, 2007

Hello,


i done various reseaches within cisco.com and came out a very simplified cmd to correctly perform L2 port-based rate limiting. However when applied into my test switch, i couldnt't see any counters/result captured for 'show polic-map interface'. Can someone advise if this setup is done correctly.


mac access-list extended l2

permit any any

ip access-list extended l3

permit ip any any


class-map match-all L2-traffic

match access-group name l2

class-map match-all L3-traffic

match access-group name l3

!

policy-map Customer-1-policy-ingress

class L2-traffic

police aggregate Customer-1

class L3-traffic

police aggregate Customer-1


interface GigabitEthernet0/1

switchport access vlan 50

spanning-tree portfast

service-policy input Customer-1-policy-ingress



SW01#show policy-map interface

GigabitEthernet0/1


Service-policy input: Customer-1-policy-ingress


Class-map: L2-traffic (match-all)

0 packets, 0 bytes

offered rate 0 bps, drop rate 0 bps

Match: access-group name l2


Class-map: L3-traffic (match-all)

0 packets, 0 bytes

offered rate 0 bps, drop rate 0 bps

Match: access-group name l3


Class-map: class-default (match-any)

0 packets, 0 bytes

offered rate 0 bps, drop rate 0 bps

Match: any

0 packets, 0 bytes

rate 0 bps



Any help is greatly appreciated.

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
irisrios Mon, 09/17/2007 - 06:10

Software feature thatcan help you accomplish what you want is QoS. Classify the traffic into class, configure policies applied to those traffic classes, then attach poiliies to interfaces

Joseph W. Doherty Mon, 09/17/2007 - 18:18

Unlike a router, you won't see the stats with a show policy-map interface. Try "show mls qos interface statistics".

leon.mflai Tue, 10/23/2007 - 08:45

Unlike "router", for ordinary Catalyst switch (except ME series), you should apply "srr-queue" to rate limit the traffic on egress interface. If you really want "MQC" like setup, you should consider matching the flow (cef) the traffic instead of a class in the setup.


manav.joshi Mon, 11/12/2007 - 23:04

one cannot check policy-map on interfaces the same way as one checks the output on routers.

3500 series switches have there own way on check QOS.

1. Firstly, check qos in enabled on box

mls qos

2. To mark COS value while being part of policy-map that trusts( does not overwrite) the incoming DSCP value, then "mls qos cos policy-map" needs to be enabled.

3. Make a mls qos aggregate-policer & then call the policer in a policy-map on an interface through service-policy.

4. To verify the policer has got applied on a interface. Check show mls qos int <> policer.

5. QOS capability/attribute of above interface

show mls qos interface <>

6. Statistics values through show mls qos interface <> statistics

Actions

This Discussion