Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Traffic Policing on access 3750 switch with based on IP address

Hi Everyone,

I have question about traffic policing and I am not sure where should I implement it. I have server (10.1.1.1.2) in the access gig switch (Cat-3750) want to limited to like 500MB only when it cross different vlan (192.168.1.2). We have 6513 is acting as Distribution/Core, and distribution is a layer 2 switching (Cat-3750). I want to apply the traffic policing (drop the traffic) on edge switch if possible. So I am wondering if I can use ext. acl in access switch with source 10.1.1.2 dest 192.168.1.2 and apply it to policy-map and drop if violation happens. I know I can use bandwidth limit but user may move to different port on the same switch. Maybe the only way to do this is on core? Any suggestions or opinions are appreciated.

Best Regards,

=J=

  • LAN Switching and Routing
1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: Traffic Policing on access 3750 switch with based on IP addr

3 REPLIES
New Member

Re: Traffic Policing on access 3750 switch with based on IP addr

class-map match-all police

match access-group name police

policy-map rate-limit

class police

police cir 50000000 bc 25000

conform-action transmit

exceed-action drop

ip access-list extended police

permit ip host 10.1.1.2 host 192.168.1.2

I would apply this policy on the core inbound

New Member

Re: Traffic Policing on access 3750 switch with based on IP addr

Hi wgoulart,

Thanks for detailed command. Just wondering do you have other suggestion in access switch as well? I really like to have these in access switch so at least traffic is not hitting distribution layer as well. I understand the core is handling the layer 3 so traffic policing with ip will only works on core. Is there any other policing method I can implement in access layer and is based on IP or Mac address of server as well?

Thanks,

=J=

New Member

Re: Traffic Policing on access 3750 switch with based on IP addr

386
Views
0
Helpful
3
Replies