4500 Aggregate policers and Per-Port Per-VLAN QoS

Unanswered Question
Nov 8th, 2007


I want to limit the aggregate traffic of multiple VLANs on a trunk using an aggregate policer. I also need Per-Port Per-VLAN QoS for other VLANs on the same trunk.

To cut a long story short, will the example config below work?

qos aggregate-policer pol_aggr_10Mbit 10m 12.5k conform-action transmit exceed-action drop


policy-map Aggr_10Mbit

class class-default

police aggregate pol_aggr_10Mbit


policy-map Limit_10M

class class-default

police 10m 12.5k conform-action transmit exceed-action drop


interface GigabitEthernetx/y

switchport trunk encapsulation dot1q

switchport mode trunk


! Aggregate 10Mbit VLANs

vlan-range 208, 316, 909

service-policy output Aggr_10Mbit


! 10 Mbit VLANs

vlan range 20, 50-100

service-policy output Limit_10M

Regards, Jan

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
mchin345 Wed, 11/14/2007 - 14:46

Your config looks good . Actually Per-port per-VLAN QoS (PVQoS) offers differentiated quality-of-services to individual VLANs on a trunk port. It enables service providers to rate limit individual VLAN-based services on each trunk port to a business or a residence. In an enterprise Voice-over-IP environment, it can be used to rate limit voice VLAN even if an attacker impersonates an IP phone. A per-port per-VLAN service policy can be separately applied to either ingress or egress traffic.


This Discussion