06-30-2009 10:46 PM - edited 03-06-2019 06:32 AM
Hello
I`m trying to rate limit some specific traffic passing through a 3560 switch on some VLANs.
What I have done is create an access list:
access-list 101 permit icmp any any echo
access-list 101 permit icmp any any echo-reply
Then I set a rate limit on the VLAN interface:
rate-limit input access-group 101 128000 8000 8000 conform-action transmit exceed-action drop
rate-limit output access-group 101 128000 8000 8000 conform-action transmit exceed-action drop
CEF is enabled.
But this does not rate limit the traffic like it should, what am I missing here?
07-01-2009 02:57 AM
From latest 3560 configuration guide:
Unsupported Interface Configuration Commands
rate-limit
You might want to consult configuration guide QoS chapter's section on "Policing on SVIs", e.g. http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_50_se/configuration/guide/swqos.html#wp1766801, for your IOS.
07-01-2009 04:19 AM
I recall having same issues on this platform. I used following workaround:
1-I know 3560 can police inbound, so I used a service policy on physical port. referring to a class map & ACLs.
2-for outbound, I used the upstream port ad policed its traffic inbound.
HTH
Sam
07-02-2009 04:28 AM
Thank you for quick reply.
I have done some VLAN filter, bot nothing like in the linked article.
How would I do this config for desired results?
07-02-2009 07:11 PM
"How would I do this config for desired results?"
Have you found this section?
07-02-2009 08:42 AM
I am a little fuzzy but I believe you have to turn on "mls qos" have you done this?
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide