-
Cisco IOS Quality of Service Solutions Configuration Guide, Release 12.4
-
Quality of Service Overview
- Part 1: Classification
- Part 2: Congestion Management
- Part 3: Congestion Avoidance
-
Part 4: Policing and Shaping
-
Policing and Shaping Overview
-
Configuring Traffic Policing
-
Configuring Traffic Policing
-
Traffic Policing
-
Two-Rate Policer
-
Policer Enhancement---Multiple Actions
-
Percentage-Based Policing and Shaping
-
Modular QoS CLI (MQC) Three-Level Hierarchical Policer
-
ATM Policing by Service Category for SVC/SoftPVC
-
Modular QoS CLI (MQC) Unconditional Packet Discard
-
Control Plane Policing
-
- Regulating Packet Flow
-
- Part 5: Signalling
- Part 6: Link Efficiency Mechanisms
- Part 7: Quality of Service Solutions
- Part 8: Modular Quality of Service Command-Line Interface
- Part 9: Security Device Manager
- Part 10: AutoQoS
-
Table Of Contents
Traffic Policing Configuration Task List
Verifying the Traffic Policing Configuration
Monitoring and Maintaining Traffic Policing
Traffic Policing Configuration Examples
Traffic Policy that Includes Traffic Policing: Example
Configuring Traffic Policing
Feature History
Cisco IOS
For information about feature support in Cisco IOS software, use Cisco Feature Navigator.
This module describes the tasks for configuring the Traffic Policing feature.
For complete conceptual information, see the "Policing and Shaping Overview" module.
For a complete description of the Traffic Policing commands mentioned in this module, refer to the Cisco IOS Quality of Service Solutions Command Reference. To locate documentation of other commands that appear in this module, use the command reference master index or search online.
Use Cisco Feature Navigator to find information about platform support and Cisco IOS and Catalyst OS software image support. To access Cisco Feature Navigator, go to http://www.cisco.com/go/cfn. An account on Cisco.com is not required.
Traffic Policing Configuration Task List
To configure the Traffic Policing feature, perform the tasks described in the following sections. The task in the first section is required; the tasks in the remaining section are optional.
•
Configuring Traffic Policing (Required)
•
See the end of this module for the section "Traffic Policing Configuration Examples."
Configuring Traffic Policing
To successfully configure the Traffic Policing feature, a traffic class and a traffic policy must be created, and the traffic policy must be attached to a specified interface. These tasks are performed using the Modular Quality of Service (QoS) Command-Line Interface (CLI) (MQC). For information about the MQC, see the "Applying QoS Features Using the MQC" module.
The Traffic Policing feature is configured in the traffic policy. To configure the Traffic Policing feature, use the following command in policy-map class configuration mode:
The command syntax of the police command allows you to specify the action to be taken on a packet when you enable the action keyword. The resulting action corresponding to the keyword choices are listed in Table 12.
For more information about the police command, refer to the Cisco IOS Quality of Service Solutions Command Reference.
The Traffic Policing feature works with a token bucket mechanism. There are currently two types of token bucket algorithms: a single token bucket algorithm and a two token bucket algorithm. A single token bucket system is used when the violate-action option is not specified, and a two token bucket system is used when the violate-action option is specified.
For a description of a single token bucket algorithm and an explanation of how it works, see the "Policing and Shaping Overview" module.
Verifying the Traffic Policing Configuration
To verify that the Traffic Policing feature is configured on your interface, use the following command in EXEC mode:
Router# show policy-map interface
Displays statistics and configurations of all input and output policies attached to an interface.
Monitoring and Maintaining Traffic Policing
To monitor and maintain the Traffic Policing feature, use the following commands in EXEC mode, as needed:
For more information about the show policy-map and show policy-map interface commands and how to interpret the information displayed, refer to the Cisco IOS Quality of Service Solutions Command Reference.
Traffic Policing Configuration Examples
The following section provides an Traffic Policing configuration example:
•
For information on how to configure the Traffic Policing feature, see the section "Traffic Policing Configuration Task List" in this module.
Traffic Policy that Includes Traffic Policing: Example
The following configuration example shows how to define a traffic class (with the class-map command) and associate that traffic class with a traffic policy (with the policy-map command). Traffic policing is applied in the traffic policy. The service-policy command is then used to attach the traffic policy to the interface.
For additional information on configuring traffic classes and traffic policies, see the "Applying QoS Features Using the MQC" module.
In this particular example, traffic policing is configured with the average rate at 8000 bits per second, the normal burst size at 2000 bytes, and the excess burst size at 4000 bytes. Packets coming into Fast Ethernet interface 0/0 are evaluated by the token bucket algorithm to analyze whether packets conform exceed, or violate the specified parameters. Packets that conform are sent, packets that exceed are assigned a QoS group value of 4 and are sent, and packets that violate are dropped.
For a description of a token bucket and an explanation of how a token bucket works, see the "Policing and Shaping Overview" module.
Router(config)# class-map acgroup2Router(config-cmap)# match access-group 2Router(config-cmap)# exitRouter(config)# policy-map policeRouter(config-pmap)# class acgroup2Router(config-pmap-c)# police 8000 2000 4000 conform-action transmit exceed-action set-qos-transmit 4 violate-action dropRouter(config-pmap-c)# exitRouter(config-pmap)# exitRouter(config)# interface fastethernet 0/0Router(config-if)# service-policy input policeCCDE, CCENT, Cisco Eos, Cisco Lumin, Cisco Nexus, Cisco StadiumVision, Cisco TelePresence, Cisco WebEx, the Cisco logo, DCE, and Welcome to the Human Network are trademarks; Changing the Way We Work, Live, Play, and Learn and Cisco Store are service marks; and Access Registrar, Aironet, AsyncOS, Bringing the Meeting To You, Catalyst, CCDA, CCDP, CCIE, CCIP, CCNA, CCNP, CCSP, CCVP, Cisco, the Cisco Certified Internetwork Expert logo, Cisco IOS, Cisco Press, Cisco Systems, Cisco Systems Capital, the Cisco Systems logo, Cisco Unity, Collaboration Without Limitation, EtherFast, EtherSwitch, Event Center, Fast Step, Follow Me Browsing, FormShare, GigaDrive, HomeLink, Internet Quotient, IOS, iPhone, iQuick Study, IronPort, the IronPort logo, LightStream, Linksys, MediaTone, MeetingPlace, MeetingPlace Chime Sound, MGX, Networkers, Networking Academy, Network Registrar, PCNow, PIX, PowerPanels, ProConnect, ScriptShare, SenderBase, SMARTnet, Spectrum Expert, StackWise, The Fastest Way to Increase Your Internet Quotient, TransPath, WebEx, and the WebEx logo are registered trademarks of Cisco Systems, Inc. and/or its affiliates in the United States and certain other countries.
All other trademarks mentioned in this document or website are the property of their respective owners. The use of the word partner does not imply a partnership relationship between Cisco and any other company. (0809R)
Any Internet Protocol (IP) addresses used in this document are not intended to be actual addresses. Any examples, command display output, and figures included in the document are shown for illustrative purposes only. Any use of actual IP addresses in illustrative content is unintentional and coincidental.
© 2007 Cisco Systems, Inc. All rights reserved.