Chapter 31
Configuring PFC QoS
•
Policers
Policing with the conform-action transmit keywords supersedes the ingress LAN port trust state of
Note
matched traffic with trust DSCP or with the trust state defined by a trust policy-map class command (see
the
You can create policers that do the following:
•
•
Policing rates are based on the Layer 3 packet size. You specify the bandwidth utilization limit as a
committed information rate (CIR). With a PFC2, you can also specify a higher peak information rate
(PIR). Packets that exceed a rate are "out of profile" or "nonconforming."
In each policer, you specify if out-of-profile packets are to be dropped or to have a new DSCP value
applied to them (applying a new DSCP value is called "markdown"). Because out-of-profile packets do
not retain their original priority, they are not counted as part of the bandwidth consumed by in-profile
packets.
With a PFC2, if you configure a PIR, the PIR out-of-profile action cannot be less severe than the CIR
out-of-profile action. For example, if the CIR out-of-profile action is to mark down the traffic, then the
PIR out-of-profile action cannot be to transmit the traffic.
For all policers, PFC QoS uses a configurable global table that maps the internal DSCP value to a
marked-down DSCP value (see the
When markdown occurs, PFC QoS gets the marked-down DSCP value from the table. You cannot
specify marked-down DSCP values in individual policers.
By default, the markdown table is configured so that no markdown occurs: the marked-down DSCP
Note
values are equal to the original DSCP values. To enable markdown, configure the table appropriately for
your network.
You can create two kinds of policers: aggregate and microflow:
•
78-14099-04
Untrusted—Sets the internal DSCP value to a configured DSCP value.
With the default values, PFC QoS applies DSCP zero to traffic from ingress LAN ports
Note
configured as untrusted.
"Configuring the Policy Map Class Trust State" section on page
Mark traffic
Limit bandwidth utilization and mark traffic
For more information, see the
"Configuring Policy Map Class Actions" section on page
PFC QoS applies the bandwidth limits specified in an aggregate policer cumulatively to all flows in
matched traffic. You can create up to 1023 aggregate policers. You can create two types of aggregate
policer: named and per port. Both types can be attached to more than one port:
You define per-interface aggregate policers in a policy map class with the police command. If
–
you attach a per-interface aggregate policer to multiple ingress ports, it polices the matched
traffic on each ingress port separately.
You create named aggregate policers with the mls qos aggregate-policer command. If you
–
attach a named aggregate policer to multiple ingress ports, it polices the matched traffic from
all the ingress ports to which it is attached.
Catalyst 6500 Series Switch Cisco IOS Software Configuration Guide—Release 12.1 E
"Creating Named Aggregate Policers" section on page 31-35
"Configuring DSCP Markdown Values" section on page
Understanding How PFC QoS Works
31-45).
31-44.
and the
31-68).
31-19