Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
571
Views
5
Helpful
4
Replies

Per Vlan Qos

mohammedrafiq
Level 1
Level 1

‎08-03-2007 03:47 AM - edited ‎03-05-2019 05:41 PM

Hi,

We have the requirment to rate limit our 1Gig Trunk port into Vlan-7 to 700M and Vlan-3 to 300M,We will use 3560/3750 switch ,and it will be purely L2, no routing.Please advice me best solution.

Labels:
0 Helpful
4 Replies 4

Pavel Bykov
Level 5
Level 5

‎08-03-2007 05:02 AM

Depends if you want to apply it only on onle link or on whole network.

QoS is usually done end-to-end, but if you want it only on one link you can use by setting CoS on incoming ports, and then setting up srr-queues by assigning buffer percentages to the output queues.

Or you can use Policing with MQC. Either by VLAN or per port. Even in Layer 2 there is L3 inspection, so you can use access lists.

If you have VLAN1 with 10.1.1.0/24 and VLAN2 with 10.2.2.0/24, then you can use:

access-list 1 permit 10.1.1.1 0.0.0.255

access-list 2 permit 10.2.2.2 0.0.0.255

class-map match-any vl1

match access-group 1

class-map match-any vl2

match access-group 2

policy-map test

class vl1

police 700000000 20000000

class vl2

police 300000000 9000000

interface gi XX/XX/XX

service-policy input test

refer to this document for buffer management

http://www.cisco.com/en/US/customer/products/hw/switches/ps5528/products_configuration_guide_chapter09186a00803a9b16.html

mohammedrafiq
Level 1
Level 1
In response to Pavel Bykov

‎08-03-2007 11:23 AM

THANKS,

I will try it,trunk link is between 2 switches, can I do this on both ends?

Regards,

0 Helpful

Pavel Bykov
Level 5
Level 5
In response to mohammedrafiq

‎08-03-2007 01:45 PM

There are many ways to do it, but if you are going to use the example you would have toapply it on both sides. The example provided can only be used as INPUT service policy, so you need to apply same configuration on both ends, but with reverse ACL.

ACL provided in example only uses source address match. on the other end you need to write it for destination. As in:

access-list 111 permit ip any 10.1.1.1 0.0.0.255

access-list 112 permit ip any 10.2.2.2 0.0.0.255

class-map match-any vl1

match access-group 111

class-map match-any vl2

match access-group 112

policy-map test

class vl1

police 700000000 20000000

class vl2

police 300000000 9000000

interface fa 0/41

service-policy input test

Check to see if the packets match into your classes with

"show policy-map interface gigaXX/XX/XX" command (the trunk).

Also, you might have to adjust burst sizes, since I have included recommended burst size, which is POLICE_RATE/32. But it may have to be reduced, depending on the switch. You can use smaller bursts, like 1MB (1000000). It will be ok at that speed.

0 Helpful

mohammedrafiq
Level 1
Level 1
In response to Pavel Bykov

‎08-06-2007 06:58 AM

Hi,

I have applied the config on both side of trunk link, but can only see service policy command on one side, not other, is this normal or bug?.

------

NOT showing on this sw

CE#sh run int gi1/0/1

Building configuration...

Current configuration : 134 bytes

!

interface GigabitEthernet1/0/1

switchport trunk encapsulation dot1q

switchport trunk allowed

vlan 1,2

switchport mode trunk

-------------------

showing on this sw.

Switch#sh run int gi1/0/1

Building configuration...

Current configuration : 161 bytes

!

interface GigabitEthernet1/0/1

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 1,2

switchport mode trunk

service-policy input test <-----------

end

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card