Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Rate Limit Cisco 3550

Hi i'm trying to rate limit a port that connects to a guest wireless network (see config), any ideas where i'm going wrong? I've looked at all docs i could find and config does seem ok, however traffic is not limited

class-map match-all 1M

match access-group 100

policy-map GUEST_RATE

class 1M

police 1000000 32000 exceed-action drop

interface GigabitEthernet0/1

switchport access vlan 106

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 106

no ip address

service-policy input GUEST_RATE

access-list 100 permit ip any any

1 ACCEPTED SOLUTION

Accepted Solutions
Hall of Fame Super Bronze

Re: Rate Limit Cisco 3550

Can you specify the mode of the interface as trunk or access?

switchport mode trunk

As of now, it's set to dynamic trunking and the documentation states the following:

When configuring policing and policers, keep these items in mind:

•By default, no policers are configured.

•Policers can be configured only on a physical port or on a per-port per-VLAN basis (specifies the bandwidth limits for the traffic on a per-VLAN basis, for a given port). Per-port per-VLAN policing is not supported on routed ports or on virtual (logical) interfaces. It is supported only on an ingress port configured as a trunk or as a static-access port.

•Only one policer can be applied to a packet per direction.

•Only the average rate and committed burst parameters are configurable.

•Policing can occur on ingress and egress interfaces:

You can also modify the config as follow, by using the class-default:

policy-map GUEST_RATE

class class-default

police 1000000 32000 exceed-action drop

interface GigabitEthernet0/1

switchport access vlan 106

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 106

switchport mode trunk

no ip address

service-policy input GUEST_RATE

HTH,

__

Edison.

2 REPLIES
Hall of Fame Super Bronze

Re: Rate Limit Cisco 3550

Can you specify the mode of the interface as trunk or access?

switchport mode trunk

As of now, it's set to dynamic trunking and the documentation states the following:

When configuring policing and policers, keep these items in mind:

•By default, no policers are configured.

•Policers can be configured only on a physical port or on a per-port per-VLAN basis (specifies the bandwidth limits for the traffic on a per-VLAN basis, for a given port). Per-port per-VLAN policing is not supported on routed ports or on virtual (logical) interfaces. It is supported only on an ingress port configured as a trunk or as a static-access port.

•Only one policer can be applied to a packet per direction.

•Only the average rate and committed burst parameters are configurable.

•Policing can occur on ingress and egress interfaces:

You can also modify the config as follow, by using the class-default:

policy-map GUEST_RATE

class class-default

police 1000000 32000 exceed-action drop

interface GigabitEthernet0/1

switchport access vlan 106

switchport trunk encapsulation dot1q

switchport trunk allowed vlan 106

switchport mode trunk

no ip address

service-policy input GUEST_RATE

HTH,

__

Edison.

New Member

Re: Rate Limit Cisco 3550

Changed to match as above making the interface an access port only and it now works a treat

thank you very much for your quick reply and help sorting

regards

Jonathan

2003
Views
0
Helpful
2
Replies