The Journey of a Network Engineer

Dec 14 2011   12:26AM GMT

How to configure per-vlan QoS in Cisco 3550 and 3560



Posted by: Sulaiman Syed
Tags:
3550
3560
CCIE
Cisco
class-map
Configure
how
Lab
mark
nested policy
parent policy
per-vlan
police
policy-map
QoS
rate
switch
to
vlan

You might think that configuring QoS in Cisco Switches will follow the same syntax. That what I thought till i started studying CCIE. Let’s See one major difference in how policing is implemented on these two platforms.

Cisco Catalyst 3550

I find the configuration of 3550 rather easier. First, you would enable QoS. second, when classifying traffic (you of course will use MQC) in the class map you match vlan id. Then you just police that traffic however you want it. Lets see a configuration for that.

mls qos
!
class-map HTTP_VLAN_10
match vlan 10
match protocol http
!
policy-map HIGH_BANDWIDTH
class HTTP_VLAN_10
set dscp af11
policy 12800 1600 exceed-action drop
!
interface fastethernet 0/1
service-policy input HIGH_BANDWIDTH

That is straight forward, and should be done easily without much confusion since that approach is what used in most routers.

Cisco Catalyst 3560

Here where we have rather different way of doing the same task. First, enable mls qos. Second, Match the interesting traffic. Third, enable mls qos on the interface. Fourth, mark the traffic in the First policy. Fifth, Police the rate at the nested policy. lastly, Apply it at the vlan interface.

mls qos
!
interface fa0/2
mls qos vlan-based
!
class-map INT
match input-interface fa0/2
!
policy-map NESTED_POLICE
class INT
policy 12800 1600 exceed-action drop
!
class-map HTTP
match protocol http
!
policy-map PARENT_MARK
class HTTP
set dscp af11
service-policy NESTED_POLICE
!
interface vlan 10
service-policy PARENT_MARK

Please note that you can’t MARK and POLICE the traffic in the same policy. So creating parent policy for marking and nested policy for rate police. We have to enable the interfaces that we want to participate in policing the vlan traffic since a direct match can’t be made. lastly, the service-policy will be applied into the Vlan interface and not the physical interface.

 Comment on this Post

 
There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

REGISTER or login:

Forgot Password?
By submitting you agree to receive email from TechTarget and its partners. If you reside outside of the United States, you consent to having your personal data transferred to and processed in the United States. Privacy

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to: