cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
679
Views
0
Helpful
3
Replies

rate-limiting on 3560 switch not working

mmedwid
Level 3
Level 3

I am trying to limit traffic inbound to 10Mbps on a gig interface 0/48 set to 100/full.  So I downloaded some big

files over this link and I'm able to see 30-40Mbps or more.  You can see from the show int - rate-limit command that parameters

are never showing exceented so nothing has been dropped.  What am I missing?  Thanks.

interface GigabitEthernet0/48

description ATT Link 100Mbps

no switchport

ip address 10.10.7.2 255.255.255.252

rate-limit input 10000000 10000 10000 conform-action continue exceed-action drop

speed 100    

duplex full

c3560-1#sho int gi 0/48 rate-limit

GigabitEthernet0/48 ATT Link 100Mbps

  Input

    matches: all traffic

      params:  10000000 bps, 10000 limit, 10000 extended limit

      conformed 0 packets, 0 bytes; action: continue

      exceeded 0 packets, 0 bytes; action: drop

      last packet: 2167248835ms ago, current burst: 0 bytes

      last cleared 00:04:41 ago, conformed 0 bps, exceeded 0 bps

mccx-c3560-1#show int gig 0/48

GigabitEthernet0/48 is up, line protocol is up (connected)

  Hardware is Gigabit Ethernet, address is 30e4.db3c.08c5 (bia 30e4.db3c.08c5)

  Description: ATT Link to Herakles 100Mbps

  Internet address is 10.10.7.2/30

  MTU 1500 bytes, BW 100000 Kbit, DLY 100 usec,

     reliability 255/255, txload 1/255, rxload 31/255

  Encapsulation ARPA, loopback not set

  Keepalive set (10 sec)

  Full-duplex, 100Mb/s, media type is 10/100/1000BaseTX

  input flow-control is off, output flow-control is unsupported

  ARP type: ARPA, ARP Timeout 04:00:00

  Last input 00:00:00, output 00:00:01, output hang never

  Last clearing of "show interface" counters never

  Input queue: 0/75/0/0 (size/max/drops/flushes); Total output drops: 0

  Queueing strategy: fifo

  Output queue: 0/40 (size/max)

  5 minute input rate 12487000 bits/sec, 1110 packets/sec

  5 minute output rate 0 bits/sec, 0 packets/sec

     12137264 packets input, 3932863552 bytes, 0 no buffer

     Received 18 broadcasts (0 IP multicasts)

     0 runts, 0 giants, 0 throttles

1 Accepted Solution

Accepted Solutions

Hi,

Try this:

ip access-list extended 101

permit ip any any

!

class-map match-all SHTRAFFIC

match access-group 101

!

policy-map POLTRAF

class SHTRAFFIC

police 10000000 10000 exceed-action drop

!

interface GigabitEthernet0/48

service-policy input POLTRAF

Best regards,

Alex

View solution in original post

3 Replies 3

Hi,

Try this:

ip access-list extended 101

permit ip any any

!

class-map match-all SHTRAFFIC

match access-group 101

!

policy-map POLTRAF

class SHTRAFFIC

police 10000000 10000 exceed-action drop

!

interface GigabitEthernet0/48

service-policy input POLTRAF

Best regards,

Alex

mmedwid
Level 3
Level 3

That did it.  Thank you Alexander!

I am glad that I can help you.

Best regards,

Alex

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco