Restrictions and Limitations for Traffic Policing
Bandwidth and Policing
The police command allows you to police the traffic that passes through the router. You can configure
traffic policing in bits per second (bps) or as a percentage of bandwidth of the network interface on which
policing is applied. Configuring traffic policing based on bandwidth percentage enables you to use the
same policy map for multiple interfaces with differing amounts of bandwidth.
To configure traffic policing on the basis of a percentage of bandwidth available on an interface, use the
police percent command in policy-map class configuration mode. The police percent command
calculates the CIR based on a percentage of the maximum amount of bandwidth available on the
interface. When you attach a policy map to an interface, the router calculates the equivalent CIR values
in bits per second (bps) based on the interface bandwidth and the percentage you entered for the
police percent command.
The police percent command also allows you to optionally specify values for the conform burst size and
the peak burst size in bytes per millisecond. If you specify the burst sizes, be sure to specify the size in
milliseconds.
If the interface bandwidth changes (for example, more is added), the router recalculates the bps values
of the CIR based on the revised amount of bandwidth. If you change the CIR percentage after you attach
the policy map to the interface, the router recalculates the bps value of the CIR.
When you use a percent-based police command within a nested policy, the police percentage is based on
the policy's topmost, class-default, shape rate. Otherwise, the police percentage is based on the
bandwidth of the network interface on which the police command is applied.
In a hierarchical policy, the police percent command uses the maximum rate of bandwidth available as
the reference point for calculating the bandwidth percentage. Within a nested policy, the police percent
is based on the policy's topmost, class-default, shape rate. Otherwise, the police percent is based on the
bandwidth of the network interface on which the police command is applied.
When the police percent command is configured in a child (secondary-level) policy map, the police
percent command uses the bandwidth amount specified in the next higher-level policy, which in this
case is the parent (primary-level) policy map. The police percent command always looks to the next
higher level for the bandwidth reference point.
Restrictions and Limitations for Traffic Policing
•
•
•
•
•
•
•
•
•
Cisco 10000 Series Router Quality of Service Configuration Guide
6-26
You can configure a maximum of 131,072 (PRE1) or 262,144 (PRE2) policing instances.
The router supports only the policing actions listed in
You cannot specify multiple conform or exceed actions for a specific class in a policy map.
In releases prior to Cisco IOS Release 12.2(33)SB, the router supports up to 16 police action types.
In Cisco IOS Release 12.2(33)SB and later releases, the router supports up to 32 police action types.
The router does not allow you to attach a policy map to the inbound interface when the policy map
contains a set-cos-transmit or set-cos-inner-transmit policing action.
The router supports only the following combinations of dual actions on the output interface:
set-cos-transmit and set-cos-inner-transmit
–
The router allows the set-cos-transmit police action only when it is applied to an output policy.
The set-cos-transmit police action sets only the outer CoS bits.
The router allows the set-cos-inner-transmit police action only when it is applied to an output policy.
Chapter 6
Table 6-1 on page
6-3.
Policing Traffic
OL-7433-09