03-09-2006 10:11 AM - edited 03-03-2019 02:12 AM
Good evening I must limit the rate bandwidth of a host plugged on my Fastethernet.
In my lab configuration I try in conjunction the comand: class-map policy-map and a access-list that match my interesting traffic as follow below:
class-map match-all CM5
match access-group name maclist1
!
!
policy-map PM5
class CM5
police 50000000 4096 exceed-action drop
!
mac access-list extended maclist1
permit any any
This the output of my #sh int
5 minute input rate 5577000 bits/sec, 442 packets/sec
5 minute output rate 247000 bits/sec, 388 packets/sec
Anyone have try to limiting the bandwidth on the switch 2950 with IOS Version 12.1(22)E3
Can anyone tell me the aright parameter of policy-map to limite the rate at 15 or 20Mbps?
Any information that you can send me are welcomed.
Best Regards
Davide
03-09-2006 10:32 AM
Hi Davide,
I've posted a similar question earlier, but I was configuring a Catalyst 3560. Kindly refer to my post:
You should configure 15000000 as the first parameter in the "police" command, to rate-limit at 15-Mbps.
How did you determine the burst size of 4096 bytes? I have problem determining the right burst size. Setting a low burst size affects the host from reaching the average rate.
Appreciate it if you can share some ideas to solve my issue.
Thank you.
B.Rgds,
Lim TS
03-09-2006 10:42 AM
police 50000000 4096 exceed-action drop is policing at 50 Mbps. You want 15 Mbps. Also, you will not see drops until the ingress traffic rate on that port exceeds 50 Mbps. Eventhough, the input rate output is at 5 min interval which would not really gie you an accurate idea of how much traffic is ingressing, I doubt that the traffic is exceeding the policed value. In testing this also, you need to make sure that the upload is coming from the PC where the policed ingress is configured since the police is only supported in ingress. What that basically means is if you FTP/Download from the PC with the police you will find that the download speed is still well above the policed rate that's because the the download on this PC's perspective is an egress rate. Just something to think about when policing on ingress. This platfomr does not support egress policing.
http://www.cisco.com/univercd/cc/td/doc/product/lan/cat2950/12122ea5/2950scg/swqos.htm#wp1025402
03-10-2006 04:43 AM
Hi Lim TS and bosalaza thanks very much for your answers which has a good help to know additional information about the argument.
I've determine burst size of 4096 bytes reading this link:
that explain at STEP 6, the alright parameter on the 10/100 ports.
Now I don't have yet resolve my problem, an I think to Open a case with TAC to have additional help.
Tahnk's very much for your help!
Best regards
Davide
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide