Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Cisco 2950 rate limiting

Good evening I must limit the rate bandwidth of a host plugged on my Fastethernet.

In my lab configuration I try in conjunction the comand: class-map policy-map and a access-list that match my interesting traffic as follow below:

class-map match-all CM5

match access-group name maclist1



policy-map PM5

class CM5

police 50000000 4096 exceed-action drop


mac access-list extended maclist1

permit any any

This the output of my #sh int

5 minute input rate 5577000 bits/sec, 442 packets/sec

5 minute output rate 247000 bits/sec, 388 packets/sec

Anyone have try to limiting the bandwidth on the switch 2950 with IOS Version 12.1(22)E3

Can anyone tell me the aright parameter of policy-map to limite the rate at 15 or 20Mbps?

Any information that you can send me are welcomed.

Best Regards


New Member

Re: Cisco 2950 rate limiting

Hi Davide,

I've posted a similar question earlier, but I was configuring a Catalyst 3560. Kindly refer to my post:

You should configure 15000000 as the first parameter in the "police" command, to rate-limit at 15-Mbps.

How did you determine the burst size of 4096 bytes? I have problem determining the right burst size. Setting a low burst size affects the host from reaching the average rate.

Appreciate it if you can share some ideas to solve my issue.

Thank you.


Lim TS

Re: Cisco 2950 rate limiting

police 50000000 4096 exceed-action drop is policing at 50 Mbps. You want 15 Mbps. Also, you will not see drops until the ingress traffic rate on that port exceeds 50 Mbps. Eventhough, the input rate output is at 5 min interval which would not really gie you an accurate idea of how much traffic is ingressing, I doubt that the traffic is exceeding the policed value. In testing this also, you need to make sure that the upload is coming from the PC where the policed ingress is configured since the police is only supported in ingress. What that basically means is if you FTP/Download from the PC with the police you will find that the download speed is still well above the policed rate that's because the the download on this PC's perspective is an egress rate. Just something to think about when policing on ingress. This platfomr does not support egress policing.

New Member

Re: Cisco 2950 rate limiting

Hi Lim TS and bosalaza thanks very much for your answers which has a good help to know additional information about the argument.

I've determine burst size of 4096 bytes reading this link:

that explain at STEP 6, the alright parameter on the 10/100 ports.

Now I don't have yet resolve my problem, an I think to Open a case with TAC to have additional help.

Tahnk's very much for your help!

Best regards