Policing Configuration

OcNOS DC : Quality of Service Guide : Quality of Service Configuration : Policing Configuration

Topology

Simple configuration of Policing

L2 Interface

Do the following to configure policing on an L2 interface.

#configure terminal	Enter configure mode.
(config)#bridge 1 protocol mstp	Configure bridge 1 as mstp aware.
(config)#interface xe2	Enter interface mode.
(config-if)#switchport	Configure xe2 as a Layer 2 port.
(config-if)#bridge-group 1	Associate bridge to an interface.
(config-if)#switchport mode trunk	Configure port as a trunk.
(config-if)#switchport trunk allowed vlan all	Allow all the VLANs on the xe2 interface.
(config-if)#exit	Exit the xe2 interface mode.
(config)#qos enable	Enable QoS globally.
(config)#qos statistics	Enable QoS statistics.
(config)#class-map type qos 1234	Enter Class-map mode
(config-cmap-qos)#match cos 3	Configure match criteria as CoS with Value 3
(config-cmap-qos)#exit	Exit Class-map mode
(config)#policy-map type qos 1234	Enter policy-map mode
(config-pmap-qos)#class type qos 1234	Assign Class 1234 to Policy-map 1234
(config-pmap-c-qos))# police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop	Police access-list 102 frames @ Committed information rate 2 mbps, committed bust 2 mbyte, peak information rate 3 mbps, peak burst 2 mbytes when traffic is > CIR and <= PIR then Set the class of service (CoS) field to 1, if traffic violate the action then drop the frames.
(config-pmap-c-qos)#exit	Exit out of policy-class-map mode
(config-pmap-qos)#exit	Exit out of Policy-map mode
(config)#interface xe2	Enter xe2 interface
(config-if)#service-policy type qos input 1234	Assign service-policy to interface on in-direction
(config)#interface xe3	Enter interface mode.
(config-if)#switchport	Configure xe3 as a Layer 2 port.
(config-if)#bridge-group 1	Associate bridge to an interface.
(config-if)#switchport mode trunk	Configure port as a trunk.
(config-if)#switchport trunk allowed vlan all	Allow all the VLANs on the xe3 interface.
(config-if)#exit	Exit the xe3 interface mode.
(config)#mac access-list 102	Configure mac access-list with action
(config-mac-acl)#permit host 0000.0101.1010 host 0000.0202.2020	Permit when frames matches Source mac address 00:00:01:01:10:10 and destination mac address 00:00:02:02:20:20
(config-mac-acl)#exit	Exit mac access-list mode
(config)#class-map type qos match-any 2345	Enter Class-map mode
(cmap-qos-match-any-mode)#match access-group 102	Configure match criteria as access-group 102
(cmap-qos-match-any-mode)#exit	Exit Class-map mode
(config)#policy-map type qos 2345	Enter policy-map mode
(config-pmap-qos)#class type qos 2345	Assign Class 2345 to Policy-map 2345
(config-pmap-c-qos))# police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop	Police access-list 102 frames @ Committed information rate 2 mbps, committed bust 2 mbytes, peak information rate 3 mbps, peak burst 2 mbytes when traffic is > CIR and <= PIR, then set the class of service (CoS) field to 1, if traffic violate the action, then drop the frames.
(config-pmap-qos)#exit	Exit Policy-class mode
(config-pmap-qos)#exit	Exit Policy-map mode
(config)#interface xe3	Enter interface mode.
(config-if)#service-policy type qos input 2345	Assign service-policy 2345 to interface on in-direction
(config-if)#exit	Exit interface mode

Validation

Enter the commands below to confirm the configurations.

#show running-config qos

qos enable

qos statistics

class-map type qos 1234

match cos 2

class-map type qos match-any 2345

match access-group 102

policy-map type qos 1234

class type qos 1234

police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop

exit

policy-map type qos 2345

class type qos 2345

police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop

exit

interface xe2

service-policy type qos input 1234

interface xe3

service-policy type qos input 2345

#show class-map type qos

Type qos class-maps

===================

class-map type qos 1234

match cos 2

class-map type qos match-any 2345

match access-group 102

class-map type qos match-any class-default

#show policy-map type qos

Type qos policy-maps

====================

policy-map type qos 1234

class type qos 1234

police colour-aware cir 1 mbps bc 1 mbytes conform set-cos-transmit 5 violate

drop

exit

policy-map type qos 2345

class type qos 2345

police colour-aware cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform tran

smit exceed set-cos-transmit 1 violate drop

exit

#show policy-map interface xe2

Interface xe2

Global statistics status : enabled

Service-policy (qos) input : 1234

--------------------------------

Class-map (qos): 1234 (match all)

match cos 3

police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop

matched : 7419394 packets, 504519132 bytes

dropped : 7409793 packets, 503866264 bytes

Service-policy (queuing) output: default-out-policy

--------------------------------

Class-map (queuing): q0

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q1

priority

output : 7222 packets, 491096 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q2

priority

output : 14444 packets, 982192 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q3

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q4

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q5

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q6

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q7

priority

output : 2 packets, 246 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q0

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q1

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q2

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q3

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q4

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q5

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q6

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q7

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Wred Drop Statistics :

----------------------

green : 0 packets

yellow : 0 packets

red : 0 packets

#show policy-map interface xe3

Interface xe3

Global statistics status : enabled

Service-policy (qos) input : 2345

--------------------------------

Class-map (qos): 2345 (match any)

match access-group 102

police colour-aware cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform trans

mit exceed set-cos-transmit 1 violate drop

matched : 16218780 packets, 1102879420 bytes

Service-policy (queuing) output: default-out-policy

--------------------------------

Class-map (queuing): q0

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q1

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q2

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q3

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q4

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q5

priority

output : 18527 packets, 1259836 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q6

priority

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): q7

priority

output : 5 packets, 615 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q0

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q1

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q2

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q3

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q4

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q5

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q6

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Class-map (queuing): mc-q7

output : 0 packets, 0 bytes

dropped : 0 packets, 0 bytes

Wred Drop Statistics :

----------------------

green : 0 packets

yellow : 0 packets

red : 0 packets