cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
2471
Views
0
Helpful
12
Replies

shape average on 720x

rmv72
Level 1
Level 1

I tryed to configure policy on gigabit ethernet interface and got message -

pdc-c7604-gt(config)#policy-map OUTSIDE

pdc-c7604-gt(config-pmap)# class ISA2SPB

pdc-c7604-gt(config-pmap-c)#shape average 256000

pdc-c7604-gt(config)#int gi1/9

pdc-c7604-gt(config-if)#service-policy output OUTSIDE

shape average command is not supported in output direction for this interface

Configuration failed on:

GigabitEthernet1/9

Why i can't do it?

1 Accepted Solution

Accepted Solutions

n.nandrekar
Level 4
Level 4

Hi!

It looks like you are using a Lan card there. Lan cand doesnot support shaping. You will require OSM WAN Ports (includes GE-WAN ports, but not GigabitEthernet ports) or wan cards like Flexwan/SIP200/SIP400 to support shaping.

Lan cards are lower end cards and donot have sufficient h/w resources to support shaping. The Qos functionality on Lan cards is limited as there is not much necessity of Qos on Lan side of the networks where ample bandwidth is available.

Hope this solves your query. (please mark the post if it was helpful)

Regards,

Niranjan

View solution in original post

12 Replies 12

n.nandrekar
Level 4
Level 4

Hi!

It looks like you are using a Lan card there. Lan cand doesnot support shaping. You will require OSM WAN Ports (includes GE-WAN ports, but not GigabitEthernet ports) or wan cards like Flexwan/SIP200/SIP400 to support shaping.

Lan cards are lower end cards and donot have sufficient h/w resources to support shaping. The Qos functionality on Lan cards is limited as there is not much necessity of Qos on Lan side of the networks where ample bandwidth is available.

Hope this solves your query. (please mark the post if it was helpful)

Regards,

Niranjan

i tryed to find info about lan card, but failed. Can you send me link about it?

The limitation is due to the PFC, more information can be found at:

http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SXF/native/configuration/guide/qos.html#wp1720400

HTH,

__

Edison.

i've configured policy

policy-map OUTSIDE

class ISA2SPB

police cir 256000 bc 8000 be 8000 conform-action transmit exceed-action drop violate-action drop

class class-default

!

!

interface GigabitEthernet1/9

description # link to GT MAN #

bandwidth 100000

ip address 1.1.1.222 255.255.255.0

load-interval 30

service-policy output OUTSIDE

=================

From sh int gi1/9 output i can see output rate

30 second output rate 6729000 bits/sec, 2421 packets/sec

but from sh policy-map gi1/9 i see only rate in class ISA2SPB not any other types of traffic-

pdc-c7604-gt#sh policy-map int gi1/9

GigabitEthernet1/9

Service-policy output: OUTSIDE

class-map: ISA2SPB (match-any)

Match: access-group name ISA2SPB

police :

256000 bps 8000 limit 8000 extended limit

Earl in slot 1 :

8142651 bytes

30 second offered rate 223544 bps

aggregate-forwarded 7549964 bytes action: transmit

exceeded 592687 bytes action: drop

aggregate-forward 208672 bps exceed 14800 bps

Class-map: class-default (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps, drop rate 0 bps

Match: any

Class-default has rate 0.

Why it so?

Let's see the class ISA2SPB portion of the config.

__

Edison.

Here -

class-map match-any ISA2SPB

match access-group name ISA2SPB

!

ip access-list extended ISA2SPB

permit ip 10.90.5.0 0.0.0.255 10.20.22.0 0.0.0.255

permit ip 10.90.6.0 0.0.0.255 10.20.22.0 0.0.0.255

!

..And you have traffic traversing that link that does not match the source and destination on that ACL?

If so, it should be under the default class. Can you post the entire config?

__

Edison.

i created new policy -

ip access-list extended DC2ANY

permit ip 10.90.0.0 0.0.0.255 any

ip access-list extended INET2ANY

permit ip 10.90.5.0 0.0.0.255 any

ip access-list extended SMTP2ANY

permit ip 10.90.6.0 0.0.0.255 any

class-map match-any DC2ANY

match access-group name DC2ANY

class-map match-any INET2ANY

match access-group name INET2ANY

class-map match-any SMTP2ANY

match access-group name SMTP2ANY

!

!

policy-map OUTSIDE

class SMTP2ANY

class INET2ANY

class DC2ANY

class class-default

and attached it to int gi1/9

interface GigabitEthernet1/9

service-policy output OUTSIDE

I created empty policy to see that policy is working. In case when nothing matched by classes SMTP2ANY,INET2ANY,DC2ANY i should see that class class-default is working but it doesn't.

Here output of sh policy-map int gi1/9-

pdc-c7604-gt#sh policy-map int gi1/9

GigabitEthernet1/9

Service-policy output: OUTSIDE

Class-map: SMTP2ANY (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps

Match: access-group name SMTP2ANY

0 packets, 0 bytes

30 second rate 0 bps

Class-map: INET2ANY (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps

Match: access-group name INET2ANY

0 packets, 0 bytes

30 second rate 0 bps

Class-map: DC2ANY (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps

Match: access-group name DC2ANY

0 packets, 0 bytes

30 second rate 0 bps

Class-map: class-default (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps, drop rate 0 bps

Match: any

And sh int gi1/9-

30 second input rate 4542000 bits/sec, 2904 packets/sec

30 second output rate 20398000 bits/sec, 4938 packets/sec

How about if you create an 'action' for class class-default like shape or average. Does it work then?

__

Edison.

Yes, in that case policy works-

pdc-c7604-gt#sh policy-map int gi1/9

GigabitEthernet1/9

Service-policy output: OUTSIDE

class-map: SMTP2ANY (match-any)

Match: access-group name SMTP2ANY

police :

3000000 bps 93000 limit 93000 extended limit

Earl in slot 1 :

2034447 bytes

30 second offered rate 423832 bps

aggregate-forwarded 2034447 bytes action: transmit

exceeded 0 bytes action: drop

aggregate-forward 1146552 bps exceed 0 bps

class-map: INET2ANY (match-any)

Match: access-group name INET2ANY

police :

3000000 bps 93000 limit 93000 extended limit

Earl in slot 1 :

5556859 bytes

30 second offered rate 1171120 bps

aggregate-forwarded 5058455 bytes action: transmit

exceeded 498404 bytes action: drop

aggregate-forward 2918808 bps exceed 379904 bps

class-map: DC2ANY (match-any)

Match: access-group name DC2ANY

police :

3000000 bps 93000 limit 93000 extended limit

Earl in slot 1 :

3966661 bytes

30 second offered rate 813136 bps

aggregate-forwarded 3953616 bytes action: transmit

exceeded 13045 bytes action: drop

aggregate-forward 2069088 bps exceed 2808 bps

class-map: class-default (match-any)

Match: any

police :

5000000 bps 156000 limit 156000 extended limit

Earl in slot 1 :

4436907 bytes

30 second offered rate 934400 bps

aggregate-forwarded 4436907 bytes action: transmit

exceeded 0 bytes action: drop

aggregate-forward 2625168 bps exceed 0 bps

Why it has such behavior?

You need to have an action for the packets to be matched. Think of an ACL without a permit or deny statement, it does nothing.

HTH,

__

Edison.

Please rate helpful posts

I agree- in classes exclude class-default there are not ACL ( and matches). But for class class-default it should work because that class should matches all

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: