06-30-2009 10:46 PM - edited 03-06-2019 06:32 AM
Hello
I`m trying to rate limit some specific traffic passing through a 3560 switch on some VLANs.
What I have done is create an access list:
access-list 101 permit icmp any any echo
access-list 101 permit icmp any any echo-reply
Then I set a rate limit on the VLAN interface:
rate-limit input access-group 101 128000 8000 8000 conform-action transmit exceed-action drop
rate-limit output access-group 101 128000 8000 8000 conform-action transmit exceed-action drop
CEF is enabled.
But this does not rate limit the traffic like it should, what am I missing here?
07-01-2009 02:57 AM
From latest 3560 configuration guide:
Unsupported Interface Configuration Commands
rate-limit
You might want to consult configuration guide QoS chapter's section on "Policing on SVIs", e.g. http://www.cisco.com/en/US/docs/switches/lan/catalyst3560/software/release/12.2_50_se/configuration/guide/swqos.html#wp1766801, for your IOS.
07-01-2009 04:19 AM
I recall having same issues on this platform. I used following workaround:
1-I know 3560 can police inbound, so I used a service policy on physical port. referring to a class map & ACLs.
2-for outbound, I used the upstream port ad policed its traffic inbound.
HTH
Sam
07-02-2009 04:28 AM
Thank you for quick reply.
I have done some VLAN filter, bot nothing like in the linked article.
How would I do this config for desired results?
07-02-2009 07:11 PM
"How would I do this config for desired results?"
Have you found this section?
07-02-2009 08:42 AM
I am a little fuzzy but I believe you have to turn on "mls qos" have you done this?
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: