Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
461
Views
0
Helpful
1
Replies

QoS on 4506

fgeta
Level 1
Level 1

‎02-26-2007 08:15 AM - edited ‎03-14-2019 08:13 PM

Dear all,

I am designing QoS on Cisco 4506 switch using ACL. I have Sup II+10GE 10GE module.

The following error message I am getting:

Feb 26 16:05:16: %C4K_HWACLMAN-4-ACLHWPROGERRREASON: Input(194/Normal, null) PolicyMap: IPPHONE+PC - hardware TCAM policers exceeded.

Feb 26 16:05:26: %C4K_HWACLMAN-4-ACLHWPROGERR: Input PolicyMap: IPPHONE+PC - hardware TCAM limit, qos being disabled on relevant interface.

My config as follows:

class-map match-all DVLAN-PC-VIDEO

match access-group name DVLAN-PC-VIDEO

class-map match-all VVLAN-CALL-SIGNALING

match access-group name VVLAN-CALL-SIGNALING

class-map match-all VVLAN-VOICE

match access-group name VVLAN-VOICE

class-map match-all VVLAN-ANY

match access-group name VVLAN-ANY

!

!

policy-map DBL

class class-default

dbl

policy-map IPPHONE+PC

class VVLAN-VOICE

set dscp ef

police 128 kbps 8000 byte conform-action transmit exceed-action drop

class VVLAN-CALL-SIGNALING

set dscp cs3

police 32 kbps 8000 byte conform-action transmit exceed-action policed-dscp-transmit

class DVLAN-PC-VIDEO

set dscp af41

police 500 kbps 8000 byte conform-action transmit exceed-action policed-dscp-transmit

class VVLAN-ANY

set dscp default

police 32 kbps 8000 byte conform-action transmit exceed-action policed-dscp-transmit

class class-default

set dscp default

interface GigabitEthernet2/5

switchport access vlan dynamic

switchport mode access

switchport voice vlan 72

ip arp inspection limit rate 100

speed auto 10 100

qos trust device cisco-phone

tx-queue 1

bandwidth percent 5

tx-queue 2

bandwidth percent 25

tx-queue 3

bandwidth percent 30

priority high

shape percent 30

tx-queue 4

bandwidth percent 40

spanning-tree portfast

spanning-tree bpduguard enable

service-policy input IPPHONE+PC

service-policy output DBL

ip verify source vlan dhcp-snooping

ip access-list extended DVLAN-PC-VIDEO

permit udp any any range 16384 32767

ip access-list extended VVLAN-ANY

permit ip 172.17.192.0 0.0.1.255 any

ip access-list extended VVLAN-CALL-SIGNALING

permit tcp 172.17.192.0 0.0.1.255 any range 2000 2002

ip access-list extended VVLAN-VOICE

permit udp 172.17.192.0 0.0.1.255 any range 16384 32767

Hope you would help me.

Thanks,

Labels:
0 Helpful
1 Reply 1

wdrootz
Level 4
Level 4

‎03-02-2007 11:39 AM

Workaround:

Disabling DHCP snooping and enabling it again.

0 Helpful
Customers Also Viewed These Support Documents