The Journey of a Network Engineer

Dec 14 2011   12:26AM GMT

How to configure per-vlan QoS in Cisco 3550 and 3560

Sulaiman Syed Profile: Sulaiman Syed

You might think that configuring QoS in Cisco Switches will follow the same syntax. That what I thought till i started studying CCIE. Let’s See one major difference in how policing is implemented on these two platforms.

Cisco Catalyst 3550

I find the configuration of 3550 rather easier. First, you would enable QoS. second, when classifying traffic (you of course will use MQC) in the class map you match vlan id. Then you just police that traffic however you want it. Lets see a configuration for that.

mls qos
class-map HTTP_VLAN_10
match vlan 10
match protocol http
class HTTP_VLAN_10
set dscp af11
policy 12800 1600 exceed-action drop
interface fastethernet 0/1
service-policy input HIGH_BANDWIDTH

That is straight forward, and should be done easily without much confusion since that approach is what used in most routers.

Cisco Catalyst 3560

Here where we have rather different way of doing the same task. First, enable mls qos. Second, Match the interesting traffic. Third, enable mls qos on the interface. Fourth, mark the traffic in the First policy. Fifth, Police the rate at the nested policy. lastly, Apply it at the vlan interface.

mls qos
interface fa0/2
mls qos vlan-based
class-map INT
match input-interface fa0/2
policy-map NESTED_POLICE
class INT
policy 12800 1600 exceed-action drop
class-map HTTP
match protocol http
policy-map PARENT_MARK
class HTTP
set dscp af11
service-policy NESTED_POLICE
interface vlan 10
service-policy PARENT_MARK

Please note that you can’t MARK and POLICE the traffic in the same policy. So creating parent policy for marking and nested policy for rate police. We have to enable the interfaces that we want to participate in policing the vlan traffic since a direct match can’t be made. lastly, the service-policy will be applied into the Vlan interface and not the physical interface.

 Comment on this Post

There was an error processing your information. Please try again later.
Thanks. We'll let you know when a new response is added.
Send me notifications when other members comment.

Forgot Password

No problem! Submit your e-mail address below. We'll send you an e-mail containing your password.

Your password has been sent to:

Share this item with your network: