Cisco Support Community
Showing results for 
Search instead for 
Did you mean: 
New Member

QoS - what police command does?

I am trying to design a QoS policy for my ATM Subinterfaces. I designed the

following policy. My intent is that in any situation my gold traffic should be

transmitted utgently. So if there is a need to drop other traffic, then drop them.

My critical traffic is gold one.

class-map match-any class_gold

match access-group 94

policy-map Output_policy

class class_gold

priority 80

class class-default

bandwidth remaining percent 100

police 100000 2000 4000 conform-action transmit exceed-action drop

But when I see the output of "show policy-map int ATM2/0.68" command,

the output is this:

ATM2/0.68: VC 13/41 -

Service-policy output: GHSDSL_policy

Class-map: class_gold (match-any)

354 packets, 73412 bytes

5 minute offered rate 2000 bps, drop rate 0 bps

Match: access-group 94

354 packets, 73412 bytes

5 minute rate 2000 bps


Strict Priority

Output Queue: Conversation 40

Bandwidth 80 (kbps) Burst 2000 (Bytes)

(pkts matched/bytes matched) 0/0

(total drops/bytes drops) 0/0

Class-map: class-default (match-any)

615 packets, 152169 bytes

5 minute offered rate 6000 bps, drop rate 2000 bps

Match: any


Output Queue: Conversation 41

Bandwidth remaining 100 (%) Max Threshold 64 (packets)

(pkts matched/bytes matched) 23/1787

(depth/total drops/no-buffer drops) 0/0/0


cir 100000 bps, bc 2000 bytes

conformed 558 packets, 125082 bytes; actions:


exceeded 56 packets, 27055 bytes; actions:


conformed 4000 bps, exceed 2000 bps

O My God! For class-default, 5 minute offered rate 6000 bps,

but its drop rate 2000 bps. Accordinf to my design (or my intent)

it should be zero until it reaches 100 Kbps. What is the problem?

New Member

Re: QoS - what police command does?


What type of traffic is mainly being transmitted within your class default? Is it UDP or TCP?

If it is mainly TCP then it is the bursty nature of the protocol that is being dropped. Although the traffic over the 5 minute period is not going above the 100kbps limit, the traffic is bursting above 100kbps in the policing sampling period and hence will be dropped. An alternative to this is to use traffic shaping on your default class, this will buffer up the excess traffic and then send it on when the bandwidth is available. It also has the advantage that it will improve performace for TCP streams as TCP will throtle back correctly whereas with traffic policing it has a habit of not doing so.

Comparison of Policing and Traffic Shaping

Hope that helps

New Member

Re: QoS - what police command does?

Thanks a lot for your answer. But when I replaced the police command with the shape average command, I couldn't apply the command at the pvc. When I applied it at the pvc, it didn't produce any error. But the subinterface configuration haven't changed. May bandwidth be a reason for this? Bandwidth is 256 Kbps for each pvc.

New Member

Re: QoS - what police command does?

I was only able to apply it to the pvc as an inbound policy and not an outbound. Depending upon your network configuration you may be able to apply it to the remote end of the circuit if it is point-to-point.

New Member

Re: QoS - what police command does?

As usual, I have a hub&spoke topology. At the center, I have 34 Mbps ATM and 256 Kbps Gshdsl lines at remote ends. I applied only priority queue to the output of each pvc at the center. The rest is default queue. But I see that the priority does not work. I mean that when there is a congestion (200 Kbps traffic), my critical traffic also have congestion. So my applications does not work. So I decided to put a limit for default class. The limit is 100 Kbps. As I said earlier, then the default class applications couldn't work. Because it drops at the 6000 bps output rate, not 100000 bps. How can I solve this issue?

New Member

Re: QoS - what police command does?

It is dropping at the 100,000 bps rate, but because the load interval is over five minutes it averages out at 6000bps.

One option might be to deploy an inbound policy map at each of the 256k sites, traffic like TCP should respond correctly to being shaped. The values for the shaping should also be in multiples of 64000, ie 128000 not 100000.

Also use the "load-interval 30" command in the main interface, this will change the values that you see so that they are over 30 seconds not five minutes.

Give it a try on one of your sites that experiance the problems.

New Member

Re: QoS - what police command does?

I entered the value of the shaping as 128000. But at the output of pvc, it is not accepted.

Also at the center, There is an 34Mbps ATM interface. No inidivdual lines for each 256 Kbps pvc. It is a Cisco 3745 Router interface. The input is a fastethernet interface.

Problem continues...

CreatePlease to create content