Hi Roger,
I?m trying to shape a port to 30mbps on a Cisco 3550.
I'm using a policy map on ingress, but can I use it on egress also?
What is the correct way to shape in/out?
this has been discussed many times on the list. Shaping on ingress/egress on
the 3550 can be quite painful if you don't know all the tricks! ;)
Now I'm using this to limit each port to a given value, and it's working
fine:
class-map match-any all-out
match ip dscp 0
class-map match-any all-in
match access-group 100
!
!
policy-map 1mbit-in
class all-in
police 1024000 192000 exceed-action drop
policy-map 1mbit-out
class all-out
police 1024000 192000 exceed-action drop
access-list 100 permit ip any any
Basically you can match an access-list while shaping ingress, but can only
use a dscp value to shape on egress. While testing this, keep in mind that
snmp counters on interfaces will account for traffic arriving at the
interface, no matter if that's been rate limited to much less. It's painful
to debug, sadly...
For the exceed rates I always use the famous Cisco formula, and never had
problems:
configured rate * (1 byte)/(8 bits) * 1.5 seconds
Cheers,
]\/[arco
3 messages in net.nether.puck.cisco-nsp[c-nsp] Traffic shaping Cisco 3550 (fwd)
