From: Min Hong (mincisco@gmail.com)
Date: Tue Dec 19 2006 - 07:01:59 ART
Hi All
From
http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/1219ea1/3550scg/swqos.htm#58444
This example shows how to create an aggregate policer and attach it to
multiple classes within a policy map. In the configuration, the IP ACLs
permit traffic from network 10.1.0.0 and from host 11.3.1.1. For traffic
coming from network 10.1.0.0, the DSCP in the incoming packets is trusted.
For traffic coming from host 11.3.1.1, the DSCP in the packet is changed to
56. The traffic rate from the 10.1.0.0 network and from host 11.3.1.1 is
policed. If the traffic exceeds an average rate of 48000 bps and a normal
burst size of 8000 bytes, its DSCP is marked down (based on the policed-DSCP
map) and sent. The policy map is attached to an ingress interface.
Switch(config)# *access-list 1 permit 10.1.0.0 0.0.255.255
*
Switch(config)# *access-list 2 permit 11.3.1.1
*
Switch(config)# *mls qos aggregate-police transmit1 48000 8000 exceed-action
policed-dscp-transmit
*
Switch(config)# *policy-map aggflow1
*
Switch(config-pmap)# *class ipclass1 access-group 1
*
Switch(config-pmap-c)# *trust dscp
*
Switch(config-pmap-c)#
*police aggregate transmit1
*
Switch(config-pmap-c)# *exit
*
Switch(config-pmap)# *class ipclass2 access-group 2
*
Switch(config-pmap-c)# *set ip dscp 56
*
Switch(config-pmap-c)#
*police aggregate transmit1
*
Switch(config-pmap-c)# *exit
*
Switch(config-pmap)# *exit
*
Switch(config)# *interface gigabitethernet0/1
*
Switch(config-if)# *service-policy input aggflow1
*
Switch(config-if)# *exit
*
On 11/24/06, Salman Abbas <dukelondon@gmail.com > wrote:
>
> Hi Alexei,
>
> Thanks for the reply. Just to confirm whether I've correctly understood u
> or
> not, Lets say the question says: maximum is 256kbps and normal is
> 64Kbps,
> would that mean that I'll do
>
> Normal bytes = 256k - 64k = 192k => to bytes 24000, so the police command
> would be
>
> police 64000 24000 exceed action drop
>
> Regards,
>
> Salman
>
>
> On 11/23/06, Alexei Monastyrnyi <alexeim@orcsoftware.com> wrote:
> >
> > Hi.
> >
> > If I understand it right from DocCD, normal burst is what you have above
>
> > the police rate. 256k-128k=128k => to bytes 16000/ If it should be
> > considered together with police rate, then just 256k=>32000 bytes. In
> > either case police rate should be 128000, not 256000 IMO.
> >
> > I would go for
> > police 128000 16000 exceed action drop
> >
> > HTH
> > a.
> >
> > Salman Abbas wrote:
> > > Hi guys,
> > >
> > > Pls help to answer the following question:
> > >
> > >
> > > On SW1 int fa0/6, limit all UDP traffic by maximum 256Kbps and normal
> > > 128Kbps to avoid congestion on your VLAN.
> > >
> > >
> > > My solution is:
> > >
> > > mls qos
> > > access-list 101 permit udp any any
> > >
> > > class-map LIMIT
> > > match access-group 101
> > >
> > > policy-map POLICE
> > > class LIMIT
> > > police 256000 _____ exceed action drop
> > >
> > > int fa0/6
> > > service-policy input POLICE
> > >
> > > Now the part that I dont understand is that second value in the police
>
> > > command which is "Burst in bytes". How can I calculate it based on the
> > > question above? Also, am I missing anyting else in my configuration?
> > >
> > >
> > > Thanks in advance,
> > >
> > > Cheers!!!
> > >
> > > Salman
>
> _______________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/list/CCIELab.html
This archive was generated by hypermail 2.1.4 : Tue Jan 02 2007 - 07:50:38 ART