Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1763
Views
0
Helpful
5
Replies

2950 Traffic Policing

evantol
Level 1
Level 1

‎03-09-2006 03:54 PM - edited ‎03-03-2019 02:12 AM

Hi,

I'm trying to configure traffic policing on a Catalyst 2950. The config is pretty straight-forward, or so I thought. I need to set up several policy-maps, each one policing traffic at different levels (5meg, 10meg, 20meg, etc.). My problem is, anything above 1Meg just doesn't seem to work as expected. Here's my config for a 10Meg policer:

class-map match-all ALL-TRAFFIC

match access-group 1

!

policy-map 10mbs

class ALL-TRAFFIC

police 10000000 65536 exceed-action drop

!

access-list 1 permit any

Here's the interface config:

interface FastEthernet0/24

switchport access vlan 53

load-interval 30

service-policy input 10mbs

spanning-tree portfast

spanning-tree bpdufilter enable

spanning-tree link-type point-to-point

!

What happens is, when uploading files from the server attached to this port (ingress to the switch), my throughput is nowhere near 10Mb/s. I only end up getting about 2Mb/s consistently, with a large 600MB ISO file transfer.

I've configured policers before in routers and other types of switches and I would at least get around 7 to 8Mb/s, if not immediately, after some time, due to TCP's native congestion avoidance. I may be missing something blatantly obvious, though, as I've been wrestling with this the past few hours.

Labels:
0 Helpful
5 Replies 5

pkhatri
Level 11
Level 11

‎03-09-2006 03:58 PM

It may not be the policer that is the issue - what happens if you try the transfer without the policer applied ? What sort of rate do you get ?

Paresh

0 Helpful

evantol
Level 1
Level 1
In response to pkhatri

‎03-10-2006 04:19 AM

Without the policer, I can get between 50 to 60Mb/s transfer rates. If I boost the policer up to 25000000, I can get marginally better results, transferring around 2.5Mb/s.

0 Helpful

andrew.butterworth
Level 7
Level 7
In response to evantol

‎03-10-2006 04:50 AM

Although the page is about the 3550 I think most of the information is relevent to the 2950 as well (although the 2950 doesn't support the granularity of the 3550).

http://www.cisco.com/en/US/partner/products/hw/switches/ps646/products_tech_note09186a00800feff5.shtml

Have you tried using non connection-oriented traffic (UDP) to see what rates you achieve? I suspect TCP is probably suffering due to the policer dropping the packets.

HTH

Andy

0 Helpful

evantol
Level 1
Level 1
In response to andrew.butterworth

‎03-10-2006 05:07 AM

Actually, I have tried this and I see quite the opposite occurring. I end up being able to push *more* than the 10Mb/s policer rate.

0 Helpful

evantol
Level 1
Level 1
In response to pkhatri

‎03-10-2006 04:57 AM

An Ethereal capture shows with the policer applied, some out-of-order TCP segments, but not a lot. I do see a huge amount of retransmissions and duplicate ACKs, which would account for the slow throughput. However, I wouldn't expect the policer to be limiting at such a low rate, in effect, causing these retransmissions to constantly occur.

I even went so far as to limit the FTP transfer software to only upload at 2.4Mb/s, well under the 10Mb/s limit, but that didn't produce any different results.

0 Helpful
Customers Also Viewed These Support Documents