OcNOS-RON : Quality of Service Guide : Quality of Service Configuration Guide : Policing Configuration
Policing Configuration
Topology
Simple configuration of Policing
L2 Interface
Do the following to configure policing on an L2 interface.
 
#configure terminal
Enter configure mode.
(config)#bridge 1 protocol mstp
Configure bridge 1 as mstp aware.
(config)#interface xe2
Enter interface mode.
(config-if)#switchport
Configure xe2 as a Layer 2 port.
(config-if)#bridge-group 1
Associate bridge to an interface.
(config-if)#switchport mode trunk
Configure port as a trunk.
(config-if)#switchport trunk allowed vlan all
Allow all the VLANs on the xe2 interface.
(config-if)#exit
Exit the xe2 interface mode.
(config)#qos enable
Enable QoS globally.
(config)#qos statistics
Enable QoS statistics.
(config)#class-map type qos 1234
Enter Class-map mode
(config-cmap-qos)#match cos 3
Configure match criteria as CoS with Value 3
(config-cmap-qos)#exit
Exit Class-map mode
(config)#policy-map type qos 1234
Enter policy-map mode
(config-pmap-qos)#class type qos 1234
Assign Class 1234 to Policy-map 1234
(config-pmap-c-qos))# police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop
Police access-list 102 frames @ Committed information rate 2 mbps, committed bust 2 mbyte, peak information rate 3 mbps, peak burst 2 mbytes when traffic is > CIR and <= PIR then Set the class of service (CoS) field to 1, if traffic violate the action then drop the frames.
(config-pmap-c-qos)#exit
Exit out of policy-class-map mode
(config-pmap-qos)#exit
Exit out of Policy-map mode
(config)#interface xe2
Enter xe2 interface
(config-if)#service-policy type qos input 1234
Assign service-policy to interface on in-direction
(config)#interface xe3
Enter interface mode.
(config-if)#switchport
Configure xe3 as a Layer 2 port.
(config-if)#bridge-group 1
Associate bridge to an interface.
(config-if)#switchport mode trunk
Configure port as a trunk.
(config-if)#switchport trunk allowed vlan all
Allow all the VLANs on the xe3 interface.
(config-if)#exit
Exit the xe3 interface mode.
(config)#mac access-list 102
Configure mac access-list with action
(config-mac-acl)#permit host 0000.0101.1010 host 0000.0202.2020
 
Permit when frames matches Source mac address 00:00:01:01:10:10 and destination mac address 00:00:02:02:20:20
(config-mac-acl)#exit
Exit mac access-list mode
(config)#class-map type qos match-any 2345
 
Enter Class-map mode
(cmap-qos-match-any-mode)#match access-group 102
Configure match criteria as access-group 102
(cmap-qos-match-any-mode)#exit
Exit Class-map mode
(config)#policy-map type qos 2345
Enter policy-map mode
(config-pmap-qos)#class type qos 2345
Assign Class 2345 to Policy-map 2345
(config-pmap-c-qos))# police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop
Police access-list 102 frames @ Committed information rate 2 mbps, committed bust 2 mbytes, peak information rate 3 mbps, peak burst 2 mbytes when traffic is > CIR and <= PIR, then set the class of service (CoS) field to 1, if traffic violate the action, then drop the frames.
(config-pmap-qos)#exit
Exit Policy-class mode
(config-pmap-qos)#exit
Exit Policy-map mode
(config)#interface xe3
Enter interface mode.
(config-if)#service-policy type qos input 2345
Assign service-policy 2345 to interface on in-direction
(config-if)#commit
Committing the configured line
(config-if)#exit
Exit interface mode
Validation
Enter the commands below to confirm the configurations.
#show running-config qos
qos enable
!
qos statistics
!
class-map type qos 1234
match cos 2
!
class-map type qos match-any 2345
match access-group 102
!
policy-map type qos 1234
class type qos 1234
police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop
exit
policy-map type qos 2345
class type qos 2345
police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop
exit
!
interface xe2
service-policy type qos input 1234
!
interface xe3
service-policy type qos input 2345
#show class-map type qos
 
Type qos class-maps
===================
class-map type qos 1234
match cos 2
 
class-map type qos match-any 2345
match access-group 102
 
class-map type qos match-any class-default
 
#show policy-map type qos
 
Type qos policy-maps
====================
 
policy-map type qos 1234
class type qos 1234
police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop
exit
 
policy-map type qos 2345
class type qos 2345
police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop
exit
#
#show policy-map interface xe2
 
 
Interface xe2
Global statistics status : enabled
 
 
Service-policy (qos) input : 1234
--------------------------------
Class-map (qos): 1234 (match all)
match cos 3
 
police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop
matched : 7419394 packets, 504519132 bytes
dropped : 7409793 packets, 503866264 bytes
 
 
Service-policy (queuing) output: default-out-policy
--------------------------------
Class-map (queuing): q0
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q1
priority
output : 7222 packets, 491096 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q2
priority
output : 14444 packets, 982192 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q3
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q4
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q5
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q6
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q7
priority
output : 2 packets, 246 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q0
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q1
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q2
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q3
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q4
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q5
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q6
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q7
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Wred Drop Statistics :
----------------------
green : 0 packets
yellow : 0 packets
red : 0 packets
 
 
#show policy-map interface xe3
 
 
Interface xe3
Global statistics status : enabled
 
 
Service-policy (qos) input : 2345
--------------------------------
Class-map (qos): 2345 (match any)
match access-group 102
police cir 2 mbps pir 3 mbps bc 2 mbytes be 2 mbytes conform transmit exceed set-cos-transmit 1 violate drop
matched : 16218780 packets, 1102879420 bytes
 
 
Service-policy (queuing) output: default-out-policy
--------------------------------
Class-map (queuing): q0
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q1
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q2
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q3
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q4
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q5
priority
output : 18527 packets, 1259836 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q6
priority
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): q7
priority
output : 5 packets, 615 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q0
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q1
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q2
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q3
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q4
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q5
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q6
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Class-map (queuing): mc-q7
output : 0 packets, 0 bytes
dropped : 0 packets, 0 bytes
 
 
Wred Drop Statistics :
----------------------
green : 0 packets
yellow : 0 packets
red : 0 packets