This documentation has been moved
Configuring Traffic Policing
Downloads: This chapterpdf (PDF - 103.0KB) The complete bookPDF (PDF - 5.85MB) | Feedback

Configuring Traffic Policing

Table Of Contents

Configuring Traffic Policing

Traffic Policing Configuration Task List

Configuring Traffic Policing

Verifying the Traffic Policing Configuration

Monitoring and Maintaining Traffic Policing

Traffic Policing Configuration Examples

Example: Traffic Policy that Includes Traffic Policing

Example: Verifying the Traffic Policing Configuration


Configuring Traffic Policing


First Published: December, 2007
Last Updated: March 21, 2011

Feature History

Release
Modification

Cisco IOS

For information about feature support in Cisco IOS software, use Cisco Feature Navigator.


This module describes the tasks for configuring the Traffic Policing feature.

Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.

Traffic Policing Configuration Task List

To successfully configure the Traffic Policing feature, a traffic class and a traffic policy must be created, and the traffic policy must be attached to a specified interface. These tasks are performed using the Modular Quality of Service (QoS) Command-Line Interface (CLI) (MQC).

To configure the Traffic Policing feature, perform the tasks described in the following sections.

Configuring Traffic Policing (Required)

Monitoring and Maintaining Traffic Policing (Optional)

Configuring Traffic Policing

Command
Purpose

Router(config-pmap-c)# police bps burst-normal burst-max conform-action action exceed-action action violate-action action

Specifies a maximum bandwidth usage by a traffic class.

Specifies the action to be taken on a packet when you enable the action keyword.

Note The Traffic Policing feature works with a token bucket mechanism. There are currently two types of token bucket algorithms: a single token bucket algorithm and a two token bucket algorithm. A single token bucket system is used when the violate-action option is not specified, and a two token bucket system is used when the violate-action option is specified.


Verifying the Traffic Policing Configuration

Command
Purpose

Router# show policy-map interface

Displays statistics and configurations of all input and output policies attached to an interface.


Monitoring and Maintaining Traffic Policing

Command
Purpose

Router# show policy-map

Displays all configured traffic policies.

Router# show policy-map policy-map-name

Displays the user-specified traffic policy.

Router# show policy-map interface

Displays statistics and configurations of all input and output policies attached to an interface.


Traffic Policing Configuration Examples

The following section provides an Traffic Policing configuration example:

Example: Traffic Policy that Includes Traffic Policing

Example: Verifying the Traffic Policing Configuration

Example: Traffic Policy that Includes Traffic Policing

The following example shows how to define a traffic class (with the class-map command) and associate that traffic class with a traffic policy (with the policy-map command). Traffic policing is applied in the traffic policy. The service-policy command is then used to attach the traffic policy to the interface.

In this example, traffic policing is configured with the average rate at 8000 bits per second, the normal burst size at 2000 bytes, and the excess burst size at 4000 bytes. Packets coming into Fast Ethernet interface 0/0 are evaluated by the token bucket algorithm to analyze whether packets conform exceed, or violate the specified parameters. Packets that conform are sent, packets that exceed are assigned a QoS group value of 4 and are sent, and packets that violate are dropped.

Router(config)# class-map acgroup2
Router(config-cmap)# match access-group 2
Router(config-cmap)# exit
Router(config)# policy-map police
Router(config-pmap)# class acgroup2
Router(config-pmap-c)# police 8000 2000 4000 conform-action transmit exceed-action 
set-qos-transmit 4 violate-action drop
Router(config-pmap-c)# exit
Router(config-pmap)# exit
Router(config)# interface fastethernet 0/0
Router(config-if)# service-policy input police

Example: Verifying the Traffic Policing Configuration

The following example verifies that the Traffic Policing feature is configured on your interface. If the feature is configured on your interface, the show policy-map interface command output displays policing statistics.

Router# show policy-map interface

FastEthernet0/0

Service-policy input: police

Class-map: acgroup2 (match-all)
       0 packets, 0 bytes
       5 minute offered rate 0 bps, drop rate 0 bps
       Match: access-group 2
       police: 
           cir 8000 bps, bc 2000 bytes, be 4000 bytes
         conformed 0 packets, 0 bytes; actions:
           transmit
         exceeded 0 packets, 0 bytes; actions:
           set-qos-transmit 4
         violated 0 packets, 0 bytes; actions:
           drop
         conformed 0 bps, exceed 0 bps, violate 0 bps

Cisco and the Cisco Logo are trademarks of Cisco Systems, Inc. and/or its affiliates in the U.S. and other countries. A listing of Cisco's trademarks can be found at www.cisco.com/go/trademarks. Third party trademarks mentioned are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (1005R)