Rate-limiting on a switch

Answered Question
Oct 8th, 2005

Hi,

is there an equivalent to the rate-limit command of a router interface for a 3550 switch (l2 port).

Let say I don't want a device to eat more then 2 mbps of traffic...

Thanks

I have this problem too.
0 votes
Correct Answer by szahid about 8 years 6 months ago

There is no rate-limit command on 3550 , but you can rate limit traffic on a per port basis using policers. If you want the inbound traffic to be limited to 2 Mbps , you can do something as simple as following.

Define an acl classifying the traffic coming on this port.

access-lists 100 permit ip host x.y.z.w any

then define a class-map

class-map match-all ratelimit

match access-group 100

Define a policy map.

policy-map rate

class ratelimit

police 2000000 64000 exceed-action drop

and then apply this policy under the interface.

interface

service-policy input rate

3550 also supports egress policies , but you can not use acl based classification. Classification based only on dscp values can be used for egress policers.

For more information , please take a look here.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12120ea2/3550scg/swqos.htm

Hope this helps.

Salman Z.

  • 1
  • 2
  • 3
  • 4
  • 5
Average Rating: 5 (1 ratings)
Correct Answer
szahid Sat, 10/08/2005 - 20:41

There is no rate-limit command on 3550 , but you can rate limit traffic on a per port basis using policers. If you want the inbound traffic to be limited to 2 Mbps , you can do something as simple as following.

Define an acl classifying the traffic coming on this port.

access-lists 100 permit ip host x.y.z.w any

then define a class-map

class-map match-all ratelimit

match access-group 100

Define a policy map.

policy-map rate

class ratelimit

police 2000000 64000 exceed-action drop

and then apply this policy under the interface.

interface

service-policy input rate

3550 also supports egress policies , but you can not use acl based classification. Classification based only on dscp values can be used for egress policers.

For more information , please take a look here.

http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12120ea2/3550scg/swqos.htm

Hope this helps.

Salman Z.

pgasparovic Thu, 01/05/2006 - 09:12

Hello Salman,

I wonder about your statement that it's running the way you present.

1) First, you just use an IP ACL, what's untrue when compared to what this doc states :

http://www.cisco.com/en/US/customer/products/hw/switches/ps646/products_tech_note09186a00800feff5.shtml

saying that two ACLs, IP and MAC are needed to limit all port traffic.

2) It's not known which of EMI or SMI images is the "chosen one" to deliver the function, because the doc states that policing is available for either version.

It's probably a cheat, because we manage to run it only with EMI image.

Actions

Login or Register to take actions

This Discussion

Posted October 8, 2005 at 4:07 PM
Stats:
Replies:3 Avg. Rating:5
Views:210 Votes:0
Shares:0
Tags: No tags.

Discussions Leaderboard

Rank Username Points
1 2,069
2 1,732
3 1,675
4 1,624
5 1,529