IP Based QOS

Unanswered Question
Joseph W. Doherty Fri, 10/17/2008 - 16:32

On many devices you could target a policer for a specific IP address, but if many, becomes difficult to maintain and depending on device, might be limited in number of individual policers you can implement.

On the 6500 series, believe they have something called a microflow policer that might lend itself to such an application without needing to predefine every individual IP address.

tcordier Sat, 10/18/2008 - 13:11

You can achieve this using MQC policing or CAR. Here are two configurations which show how you could achieve this, for each of the two methods:

1st method MQC:

Define your source IP addresses:

ip access-list standard IP_1


ip access-list standard IP_2


Define the traffic classes using these ACLs:

class-map match-all IP_1

match access-group name IP_1

class-map match-all IP_2

match access-group name IP_2

Define the policy:

policy-map Police

class IP_1

police 64000

class IP_2

police 64000

-> This will police the traffic in each class to 64K, and drop all traffic above this threshold.

Apply the policy:

interface xyz

service-policy output Police

2nd Method CAR:

interface xyz

rate-limit output access-group 1 64000 8000 8000 conform-action transmit exceed-action drop

rate-limit output access-group 2 64000 8000 8000 conform-action transmit exceed-action drop

For both methods you have many additional options about how to handle exceeding traffic, or how to specify traffic in different ways, such as for destination IP addresses, protocols etc.

Check http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/12_4/qos_12_4_book.html for more information and details.

HTH, Thomas


This Discussion