Re: 3560 policing from Carlos G Mendioroz on 2012-08-16 (Ccielab archives 08/2012)

From: Carlos G Mendioroz <tron_at_huapi.ba.ar>
Date: Thu, 16 Aug 2012 20:12:29 -0300

Joe Sanchez @ 16/08/2012 19:28 -0300 dixit:
> Carlos,
> Can you share a little of your conifguration of a single policed VLAN?
> Thanks
>

Sure:
mls qos
...
class-map match-all calabozoin
  match access-group 121
class-map match-all fromEduca71
  match input-interface GigabitEthernet1/0/24
class-map match-all fromEduca72
  match input-interface GigabitEthernet2/0/24

policy-map me-in
  class calabozoin
   set ip precedence 1
   service-policy pol-me-in

policy-map pol-me-in
  class fromEduca71
   police 1000000 8000 exceed-action drop
  class fromEduca72
   police 1000000 8000 exceed-action drop
...
interface GigabitEthernet1/0/24
  description SF08-A (trunk)
  switchport trunk encapsulation dot1q
  switchport mode trunk
  mls qos vlan-based
...
interface Vlan7
  service-policy input me-in
...

Joe Sanchez @ 16/08/2012 19:35 -0300 dixit:> This is all that I can
think of to view the statistics.
>
> show mls qos maps policed-dscp
>
> show mls qos interface
>
> show mls qos interface interface x/y policers
>
> show mls qos interface interface x/y statistics

All of them do not show data. Show policers seem to be directed to a
policer attached to the whole interface. Show stats also show that as a
last line. It seems there's no way to find out what's going on, which is
troubling. They are working for sure, but who knows how...

Thanks for paying attention,
-Carlos

> On Thu, Aug 16, 2012 at 4:36 AM, Carlos G Mendioroz <tron_at_huapi.ba.ar
> <mailto:tron_at_huapi.ba.ar>> wrote:
>
> Hi,
> I have been trying to use a 3750 to do per port per vlan policing.
> These small headed switches can do hardware policing, and support
> some CBMQC configurations.
> To do policing on a per port per vlan you need a 2 level policy with
> class and some action on parent and incoming interface selection +
> police on child applied on SVI, and mls qos vlan based on IF, AFAIK.
>
> This seems to work, but the problem is that I have not found any
> command that actually shows that, i.e., how many conforming and
> dropped packets are there.
>
> Any hints ?
> Show mls qos interface policers and stats do not show info :(
>
> TIA,
> -Carlos
> --
> Carlos G Mendioroz <tron_at_huapi.ba.ar <mailto:tron_at_huapi.ba.ar>>
> LW7 EQI Argentina
>
>
> Blogs and organic groups at http://www.ccie.net <http://www.ccie.net/>
>
> ___________________________________________________________________________
> Subscription information may be found at:
> http://www.groupstudy.com/__list/CCIELab.html
> <http://www.groupstudy.com/list/CCIELab.html>
>
>
>
>
>
>
>
>

-- 
Carlos G Mendioroz  <tron_at_huapi.ba.ar>  LW7 EQI  Argentina
Blogs and organic groups at http://www.ccie.net

Received on Thu Aug 16 2012 - 20:12:29 ART

This archive was generated by hypermail 2.2.0 : Sat Sep 01 2012 - 08:41:18 ART