Manualshelf

Specifications

ManualsBrandsCisco ManualsComputer equipmentWS-X6148-FE-SFP= - Classic Interface Module Switch
51525354555657585960
White Paper
© 2009 Cisco Systems, Inc. All rights reserved. This document is Cisco Public Information. Page 56 of 89
Cat6500(config-pmap-c)# police flow mask src-only 20000000 13000 conform-action
transmit exceed-action drop
Cat6500(config-pmap)# class return_traffic
Cat6500(config-pmap-c)# police flow mask dest-only 30000000 13000 conform-action
transmit exceed-action drop
This statement created a rate limits for outbound traffic of 20Mbps with a burst of 52Mbps (13000*4000 = 52Mb), and
return traffic for 30Mbps with a burst of 52Mbps. If traffic matches this profile, and be within the rate limit, the action
to transmit the traffic is set with the confirm-action statement. Should traffic exceed the rates of 20 and 30Mbps,
the action to drop additional traffic is set with the bparameter.
The final steps are the following: select the correct netflow mask, apply netflow and the policer to the interface.
Cat6500(config)# interface vlan 200
Cat6500(config-if)# ip flow ingress
Cat6500(config-if)# ip flow egress
Cat6500(config-if)#service-policy input UBRL
8.10.1. Egress Policing
The PFC3 supports egress policing of traffic using both IP and MAC based ACL’s. The egress policing of IPX traffic
is supported by the PFC3 but with MAC ACL’s. Egress policing can only be applied to a routed (layer 3) interface or
a VLAN (SVI) interface and is not permitted on a layer 2 switchport.
Configuration of egress policing only differs from the policing configuration examples above in the application of the
policy to the interface. The policer is created in the same manner, building the class map and policy map as in the
above examples. Using the “police-to-10” policy created earlier, this same policy can be turned into an egress
policer.
Cat6500(config)# interface fastethernet 5/2
Cat6500(config-if)# service-policy output police-to-10
The use of the service-policy command is used to apply a policy to an interface. The keyword to note in the example
above is the use of the “output” parameter. This tells the PFC3 to apply this policy for outbound (egress) traffic on
this interface.
8.11 Configuring Classification
The following section describes the QoS configuration components used to support classification on the PFC using
Cisco IOS
8.11.1. CoS to DSCP Mapping
On ingress to the switch, a frame will have a DSCP value set by the switch. If the port is in a trusted state, and the
administrator has used the mls qos trust-cos keyword (on GE and 10GE ports or 10/100 ports on the WS-X6548
and WS-X6148 line cards), then the CoS value set in the frame will be used to determine the DSCP value set for the
frame. As mentioned before, the switch can assign levels of service to the frame as it transits the switch based on
the internal DSCP value.
When QoS is enabled, the switch creates a default map. Please refer to table 3 for default settings. This map is used
to identify the DSCP value that will be set based on the CoS value. Alternatively, the administrator can set up a
unique map. An example of this is shown below:
Cat6500(config)# mls qos map cos-dscp 20 30 1 43 63 12 13 8