rate-limit 3750me

Unanswered Question
Jul 13th, 2010
User Badges:

I’m trying to rate-limit the traffic going thought a Fast Ethernet interface on a ME3750 to 2MB. I have 2 VLANs going through, and I want to trust the CoS values because it can be different types of priority traffic inside the two VLANs. I would like the switch to drop packets with low priority first no matter what VLAN tag it has. I can also use the ES ports if it's any limitation on the fast Ethernet ports.

I tried to configure QoS in the lab, but it didn’t work properly. For this test I’ve used SmartBit to send trafikk between int fa1/0/9 and 1/0/10:

Interface fa1/0/9: VLAN 25 (11MB, Pri 0) and VLAN 24 (3MB, Pri 6)

Interface fa1/0/10: VLAN 25 (11MB, Pri 0) and VLAN 24 (3MB, Pri 6)

mls qos

Policy Map customer-policy-A

    Class class-default

            police 2000000 8000 exceed-action drop

            trust cos

interface FastEthernet1/0/9

switchport trunk encapsulation dot1q

           switchport trunk allowed vlan 24,25

           switchport mode trunk

           speed 100

           duplex full

           service-policy input customer-policy-A

interface FastEthernet1/0/10

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 24,25

switchport mode trunk

speed 100

duplex full

service-policy input customer-policy-A

With this configuration I got 83% packet loss, but also for the priority traffic (all 4 flows got 83% pct loss). Seems to me that the trust function didn’t work.. ?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
sylvain.lokangaka Fri, 07/16/2010 - 10:20
User Badges:

Hi,  here is my suggestion:  You need to another policy-map that you can call "customer-policy-B". you the same configs customer-policy-A but add conform-action set-cos-transmit 3 ( you can choose any cos depending on your network).  create a class-map for each vlan. i.e: (config)#class-map vlan_24                                                  match vlan 24                                         (config)#class-map vlan_25                                                  match vlan 25  create a second policy-map. i.e: (config)#policy-map test                                            class vlan_24                                             service-policy input customer-policy-A                                            class vlan_25                                             service-policy input customer-policy-B Apply the "test" policy on your trunk interfaces.  Pls let me know your results.

Posted from my mobile device.

hildecaroline Mon, 07/19/2010 - 08:02
User Badges:

Hi, thank you for your answer. Looks like I don't have the command "conform-action set-cos-transmit 3" on my 3750 switch. I could try with policed -dscp-transmit, but I it also looks like the configuration won't work for my fast Ethernet ports. I got a message about using ES ports for hierarchical service-police. I really would like to use the Fast Ethernet ports.. is it possible?

hildecaroline Tue, 07/20/2010 - 08:49
User Badges:


Can you recommend a simple way to configure rate limit for all traffic going through a fast ethernet port(dot1q)?

- limit all traffic to 2 MB

- trust cos tagging

- drop packets with low priority (regardless of vlan tag) Lets say drop Pri 0 - 4

If it's not possible, can it easily  be done within just one vlan? I tried with SVI based, but got a message about "police action on parent level not supported for vlan..".

sylvain.lokangaka Tue, 07/20/2010 - 11:57
User Badges:


i haven't encounter the scenario that you set below.

i guess you will need either an access-lists or a route-map (not sure if supported on 3750). You match cos or dscp value that you want to allow and deny everything else.

Then you create a class-map that match with the route-map you created earlier. After that you create a policy-map with the class that you created. Then police 2048000 exceed-action drop.

At the physical interface, you apply the policy-map.

sample configs: route-map allow

                         match cos 5

                         match cos 3

                         deny any

                       class-map transmit

                            match route-map allow

                       policy-map physical

                          class transmit

                             police 2048000 exceed-action drop

                       interface fast0/1

                         service-policy input physical

NB: in case of an access-list: you will match all priority you desire to transmit. since there is an implicit deny at bottom of an access-list, you don't really need to deny again. Afterward, follow the same procedure for route-map.


This Discussion

Related Content