Bandwidth managment/limiting on ME3400

Unanswered Question
Dec 5th, 2008

This is crazy long, but please bear with me.

My goal is basically to provide tiers of service ie. 3Mb down 512k up or 1Mb down 256k up.

I'm able to set the upload rate just fine by applying the following.

ip access-list extended matchanyacl

permit ip any any

!

class-map match-all alltraffic

match access-group name matchanyacl

!

policy-map 384up

class alltraffic

police cir 384000

conform-action transmit

exceed-action drop

!

interface range FastEthernet0/2 - 24

service-policy input 384up

However when I'm working with setting the user's download speed I've attempted to use a similar setup

policy-map 1540down

class alltraffic

police cir 1576500

conform-action transmit

exceed-action drop

but when I apply it to the interface it gives me this error.

Configuration Failed. Can not have ACL based classification in a class-map within an output policy-map

So I changed from matching an ACL to just having the class-map match anything

class-map match-all alltraffic

match any

!

policy-map 1540down

class alltraffic

police cir 1576500

conform-action transmit

exceed-action drop

but after I apply it to an interface I get this error.

QoS: Configuration failed. Priority action is required with a policer in an output policy 1540down

So I added the priority command so that the policy looks like this.

policy-map 1540down

class alltraffic

police cir 1576500

conform-action transmit

exceed-action drop

priority

but when I apply it to the interface I get the following error

Match any is not supported for this interface

So I change the match any to a match protocol ip (which to me is basically any)

class-map match-all alltraffic

match protocol ip

policy-map 1540down

class alltraffic

police cir 1576500

conform-action transmit

exceed-action drop

priority

but I get this message

Match protocol is not supported for this interface

So I changed my tactics and tried to use shaping instead of policing.

policy-map 1540down

class class-default

shape average 1576500

but when I apply this as an output policy to the interface I receive the following error.

QoS: Configuration failed. The configured rate 1576500 bps is not achievable in hw within 1% of configuration.

Closest value(s) are: 11111120 bps, 5882368 bps

So I switched back to policing for one final go at it. And I seem to have made it to a working configuration, but I wanted to get some extra input about whether or not this is even the best way to accomplish this. I switched to tagging traffic when it comes in on my uplink interface and setting it to a qos-group x and then matching that qos-group in my policy for later policing as an output policy.

ip access-list extended matchanyacl

permit ip any any

!

class-map match-all uplink

match access-group name matchanyacl

class-map match-all alltraffic

match qos-group 75

!

policy-map 1540down

class alltraffic

police cir 1576500

conform-action transmit

exceed-action drop

priority

policy-map uplinktag

class uplink

set qos-group 75

!

interface FastEthernet0/1

desc ## uplink port ##

service-policy input uplinktag

interface range f0/2 - 24

Desc ## User ports ##

service-policy output 1540down

Does anyone have any input or know of a better method to achieve my goal? Thanks for looking.

I have this problem too.
0 votes
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 1 (1 ratings)
Loading.

The Cisco ME 3400 Series supports numerous management features. Support for Simple Network Management Protocol (SNMP) versions 1, 2c, and 3 and Telnet interface support deliver comprehensive in-band management, and a command-line-based management console provides detailed out-of-band management. The Cisco ME 3400 Series also supports the Cisco CNS 2100 Series Intelligence Engine, a hardware appliance supporting a suite of Cisco CNS products (intelligent agents) that function with device agents to create a programmable network.

Cisco Works network management software provides management capabilities to the Cisco ME 3400 Series on a per-port and per-switch basis, providing a common management interface for Cisco routers, switches, and hubs.

For further information click this link.

http://www.cisco.com/en/US/prod/collateral/switches/ps6568/ps6580/product_data_sheet0900aecd8034fef3.html

sjamison76 Wed, 01/07/2009 - 11:26

The egress side has got some problems with it. The way I worked it out was, I did Ingress/Ingress policing only with a child parent relationship of policies.

This allows me to get as granular as I want, without having to worry about out of hardware spec or port speeds. I can have a 1gig handoff, and rate shape down as low as I want. Just also as a side note, Cisco scolded me for limiting below 5mbs and said the box wasnt really designed to go that low.

Anyways, here is a sample config. Just change the values as you want:

class-map match-all cust-vlan

match vlan 201

class-map match-all mgmt-vlan

match vlan 1

!

!

policy-map MGMT

class class-default

police cir 10000000

conform-action transmit

exceed-action transmit

policy-map cust-child

class class-default

police cir 6000000

conform-action transmit

exceed-action drop

policy-map provider

class mgmt-vlan

service-policy MGMT

class cust-vlan

service-policy cust-child

interface GigabitEthernet0/4

description uplink

service-policy input provider

interface gig0/1

description customer interface

service-policy input cust-child

Hope this helps!

Eli Barb Tue, 01/20/2009 - 20:27

Thanks that really helps to hear what others are using. With my config I was starting to have problems with a few ports err-disabling with specific speeds, but I seem to be successfully limiting to 1.5 by 384 without too many issues. My biggest problem is that I'm using these at a few locations where I've way over subscribed the connection that the property is actually sitting on. A few currently only have 5mb for 60+ users so any I need to limit as much as possible to eliminate any bandwidth hogs without taking anyone too low. I suppose next I need to look at nbar to see what protocols can be tuned/pruned.

Thanks again!

Actions

This Discussion