QoS 2960/3750: policing ingress bandwith of multiple ports
I'm looking for a solution to this problem:
I get ingress traffic from multiple ports (one VLAN), egressing at one single port, which is connected to a trunk line with small bandwidth.
I would like to limit the aggregated traffic of these ports to a certain bandwidth. Unfortunately, the 2960 and 3750 have no egress policing, only ingress. In addition to that, ingress policing can only be done per port, that is each single port can be limited, but not the aggregated traffic from a group of ports.
In this configuration each ingress port can send up to 3 Mbps, adding up to 6 Mbps egress traffic on the trunk.
Here is a hardware workaround: I connect two ports with a crossover cable, put all ingress ports together with one side of the crossover cable into a new VLAN, the other side of the crossover cable into the old VLAN, applying the service-policy to this side of the crossover cable.
Re: QoS 2960/3750: policing ingress bandwith of multiple ports
On the 2960/3560 platform their is an aggregate policer function that provides the functionality you are looking for. Below is an example I use to control routing control traffic on CPE device we provide.
Our example uses this feature to do a rate-limit of routing control traffic. In some instances, we need to give routing control (prec 6 & 7) highest priority, even higher than voice and video, but we also don't want a rouge device or config to take advantage of this, so we give only the first 100k of routing control high priority, everything over 100k gets transmitted but at the same level as routine traffic.
We are pleased to announce availability of Beta software for 16.6.3. 16.6.3 will be the second rebuild on the 16.6 release train targeted towards Catalyst 9500/9400/9300/3850/3650 switching platforms. We are looking for early feedback from custome...