4500 Aggregate policers and Per-Port Per-VLAN QoS

Similar Messages

• SG300 Setting MTU frame size per port or vlan

  Hey Guys,  A large set of my devices are Gigabit and Jumbo Frame capable. All of my IP phones and Printers are not however, they're stuck in the 100mbit age... Is it possible to set the MTU for a particular Port/VLAN?  Maybe I'm not understanding everything... but I see the SG300 as a system with just a ton of NICs. Typically on a PC, you can set the MTU of the NIC to match the established L2 network MTU. An L3 device can then correct MTU mismatch by IP Fragmentation. Since my switches are in L3 mode, it seems like I should be able to set the MTU for a particular L2 VLAN.  Thanks

  In the case of your firewall sending a 9k sized layer 2 (as in, a 9k ethernet) frame through a switch which didn't support (or wasn't enabled) for jumbo frames, then the frame would hit the ethernet switch fabric and be dropped on the floor by the switch, if the frame exceeded the maximum MTU of that switch.  That will create a real headache for you - layer 2 frame problems like that are a real pain in the #ss because you can for example ping across these switches, and browse some sites, but larger packets silently disappear into the ether, and a seemingly random selection of websites will become somewhat unbrowseable (or you may get the ads and the headline, but not the content for example).
  Another good example of this is if you have Active Directory replication going on across a switch with a low MTU in the middle but end hosts using a high MTU, because you'll have these continual flapping of the replication processing, and timeouts logged but with no apparent loss in communications.  Many people have lost lots of hair on problems like that
  If it was a layer 3 MTU (as in, IP packet) mismatch, then the whole IP ICMP path discovery mechanism would kick in, and it's likely that communication would probably work, notwithstanding a firewall which could (but should not) be blocking this crucial ICMP traffic.  You should try and avoid layer 3 mismatches as well though, because MTU  that is smaller than the packets that need to traverse the link relies  on IP ICMP unreachable packets signalling to the IP stacks on the  endpoints to lower their MTU.  Now in an ideal world this works, but  there are still firewalls out there which block this stuff so it  sometimes doesn't...
  The good thing is that practically all switches by default have a layer 2 and 3 MTU of 1500, and this is fairly standard across hosts as well, so out of the box things just work.  It's not ideal for a storage/replication environment though, where the higher MTU can give you higher throughput with less IP overhead.
  So, the rules are:
  - Higher layer 2 MTUs are better, there's nothing to lose by setting these high.  It is a very good idea to consistently set this to the same value on all switches so that you don't have to keep track of what is set high and what isn't.  Knowing you can do a 9000 byte ethernet frame across the board is good, even if you don't use it straight away.
  - Higher layer 3 MTUs set on routers and hosts are OK but less well used, these only come into play when you are passing through a layer 3/subnet boundary, ie the IP packet is being routed.
  - You ALWAYS need to have your layer 3 MTU equal to, or less than, your layer 2 MTU, otherwise you will end up in a world of pain.
  - Normal networking only requires an MTU of 1500, but you will get better throughput out of storage and data replication environments if you can go higher between these hosts, on account of larger frames carrying more data per frame and thus fewer headers - and less work for the host to fragment the data into 1500 byte frames
  - Usually it is a good idea to have all hosts on a VLAN using the same layer 3 MTU.  It's not mandatory but it helps in terms of IP ICMP path discovery and is a good idea
  So in summary - at layer 2, you need to get it right and make sure that your end-to-end path supports at /least/ the maximum MTU of your hosts, because there is no mechanism at layer 2 to deal with a mismatch.  There's no real disadvantage to exceeding that minimum either so enabling jumbo frames is almost always OK.
  At layer 3, things are a bit more flexible, and better at handling a mismatch so you can sometimes get away with more, but it's still not perfect.  But overall, this is a slightly better situation to be in than the ethernet frames being dropped without trace :-)
  Hope that helps.

• Limit bandwidth per port switch/VLANs?

  I am using a switch to create multiple VLANs. Each network has a separate VLAN port on my 3550 configured. I want to control the bandwidth that port uses and restrict it. Is is there a simple command to do this or will I need QoS.
  Basically Fast0/1 - max bandwidth out/in (300K/400K)and so on..
  thanks in advance!

  You need to configure Policing that will limit the rate users can use going through a particular port/vlan.
  Policing involves creating a policer that specifies the bandwidth limits for the traffic. Packets that exceed the limits are out of profile or nonconforming. Each policer specifies the action to take for packets that are in or out of profile. These actions, carried out by the marker, include passing through the packet without modification or dropping the packet.
  This example shows how to create a policy map and attach it to an ingress interface. In the configuration, the IP standard ACL permits traffic from network 10.1.0.0. For traffic matching this classification, the DSCP value in the incoming packet is trusted. If the matched traffic exceeds an average traffic rate of 48000 bps and a normal burst size of 8000 bytes, its DSCP is dropped:
  Switch(config)# access-list 1 permit 10.1.0.0 0.0.255.255
  Switch(config)# class-map ipclass1
  Switch(config-cmap)# match access-group 1
  Switch(config-cmap)# exit
  Switch(config)# policy-map flow1t
  Switch(config-pmap)# class ipclass1
  Switch(config-pmap-c)# trust dscp
  Switch(config-pmap-c)# police 48000 8000 exceed-action drop
  Switch(config-pmap-c)# exit
  Switch(config-pmap)# exit
  Switch(config)# interface gigabitethernet0/1
  Switch(config-if)# service-policy input flow1t
  There is also example on aggregate policing. Here is a link on QoS:
  http://www.cisco.com/univercd/cc/td/doc/product/lan/c3550/12225see/scg/swqos.htm#wp1044737
  Please rate helpful posts.

• Supported VLANs per port 6500

  Hello,
  I need to know what is the number of supported vlans per port for a Cisco 6500 with sup 720?
  Thank you.

  On a port configured as access port, it can only belong to one and one vlan only. On a trunk port configured as dot1q iith software release 8.3(1) and later releases, instead of reserved VLANs, we now have only user and internal VLANs. VLAN manager no longer permanently sets aside VLANs for features that require them; they are now dynamically assigned as needed. The entire VLAN range (1 to 4094) is now available for user (and internal) VLANs.
  With ISL I believe it's 1005 vlans.

• Nexus 7009 bandwidth allocation per port in shared and dedicated mode:

  We have 7009 with following I/O modules:
  N7K-F248XP-25E --
  N7K-C7009-FAB-2 - qty 3
  N7K-SUP2
  I would like to know that each port of N7K-F248XP-25E will get how much bandwidth in shared mode. if we are using only one port group with 4 ports each port with 10gbps is it possible in shared mode to get 40gbps in one port group.
  Thanks

  Hi,
  I'm not sure there is such a thing as shared and dedicated mode on the N7K-F248XP-25E I/O module. I don't have one to test with, but you can see this if you execute the command show interface capabilities on your switch. If you look for the "Rate mode" line in the output it will show as dedicated or dedicated/shared. I suspect the ports on this module will all show as dedicated.
  That said, with your configuration there is potential for some level of over-subscription.
  The N7K-F248XP-25E I/O module uses a Switch on Chip (SoC) architecture with the 48-ports 10-GE ports connected via 12 SoCs, so the "port grouping" is ports 1-4=SoC 1, 5-8=SoC 2 etc.
  Each of the SoC has 40-Gbps of capacity to the switch fabric ASIC, which in turn has up to 550-Gbps capacity to the switching fabric. The 550-Gbps fabric capacity is the maximum based on 110-Gbps per slot, per fabric to the installed Fabric 2 Modules. To realise this capacity there must be five Fabric 2 modules installed in the chassis.
  From the hardware list you've supplied, you only have three Fabric 2 modules installed and as such you can only achieve a maximum of 330-Gbps per I/O module slot. What this means is that you have 480-Gbps host facing bandwidth, but 330-Gbps Fabric facing bandwidth, so a potential 1.45:1 over-subscription.
  You can reduce the over-subscription into the switch fabric by adding additional Fabric 2 modules.
  Regards

• How do I configure the Airport utility to allow more than one rule per port?

  How do I configure the Airport Utility (AU) to allow more than one rule per port?
  I am on a home network, with broadband cable modem.  I have my airport extreme connected to the broadband modem.  I have 2 servers in my home that need to be accessed remotely from time (SSH), and they also serve data for an iphone app, so I'm using a variety of protocols.  The problem I'm running into is that AU seems to only allow one rule per protocol, so if I go to add another address for access on a specific port that is being used by one of my servers, AU tells me "The Port Mapping Entry Already Exists". 
  I need to be able to allow SSH on both of my servers, for instance.  Am I missing something?  Is this doable with AU?
  Thanks for any insight.
  Khalid

  The Port Mapping "rules" on the AirPorts will allow you to: 1. Map a single port to a single IP address OR 2) Map multiple ports to a single IP address.
  What you won't be able to do is map a single or multiple ports to multiple IP addresses.

• Aggregate tables have many partitions per request

  We are having some performance issues dealing with aggregate tables and
  Db partitions. We are on BW3.5 Sp15 and use Oracle DB 9.2.06. After
  some analysis, we can see that for many of our aggregates, there are
  sometimes as much as a hundred partitions in the aggregates fact table.
  If we look at infocube itself, there are only a few requests (for
  example, 10). However, we do often delete and reload requests
  frequently. We understood that there should only be one partition per
  request in the aggregate (infocube is NOT set up for partitioning by
  other than request).
  We suspect the high number of partitions is causing come performance
  issues. But we don;t understand why they are being created.
  I have even tried deleting the aggregate (all aggregate F tables and
  partitions were dropped) and reloading, and we still see many many more
  partitions than requests. (we also notice that many of the partitions
  have a very low record count - many less than 10 records in partition).
  We'd like to understand what is causing this. Could line item
  dimensions or high cardinality play a role?
  On a related topic-
  We also have seen an awful lot of empty partitions in both the infocube
  fast table and the aggregate fact table. I understand this is probably
  caused by the frequent deletion and reload of requests, but I am
  surprised that the system does not do a better job of cleaning up these
  empty partitions automatically. (We are aware of program
  SAP_DROP_EMPTY_FPARTITIONS).
  I am including some files which show these issues via screen shots and
  partition displays to help illustrate the issue.
  Any help would be appreciated.
  Brad Daniels
  302-275-1980
  215-592-2219

  Ideally the aggregates should get compressed by themselves - there could be some change runs that have affected the compression.
  Check the following :
  1. See if compressing the cube and rolling up the aggregates will merge the partitions.
  2. What is the delta mode for the aggregates ( are you loading deltas for aggregates or full loads ) ?
  3. Aggregates are partitioned according to the infocube and since you are partitioning according to the requests - the same is being done on the aggregates.
  Select another partitioning characteristic if possible. - because it is ideally recommended that request should not be used for partitioning.
  Arun
  Assign points if it helps..

• SG100D-08 EU - 2 LED indicators per port - 1 for the traffic - The 2nd one?

  Hello,
  I'm using for one part of our small business network a SG100D-08 EU switch.
  For an unknown reason, this switch is not working at one location. When connected to a laptop, the laptop is not getting an IP address.
  If I replace that Cisco switch with a D-Link one, it is working perfectly!
  I have tried several things but without success.
  The last thing where I cannot find an answer on the messy Cisco website is the signification of the LEDs on the back of the switch.
  There are 2 LEDs per port. One is meant to show the traffic but the other one?
  Can anyone give me an answer on the last point and maybe tell me why the switch is not working at some places?
  Regards,
  Bob

  According to the manual http://www.cisco.com/c/dam/en/us/td/docs/switches/lan/csbus/100_Series/SG100D08_QSG.pdf
  there is only one light per port. Does the manual I linked to match your product?
  Is your laptop older and your old switch 10/100?  This is an unmanaged 10/100/1000 switch and you may have an auto negotiation problem on the laptop. You could try hard  coding speed and duplex on the laptop. 

• Ports per ASIC on a 2232PP

  Anyone know how many ports per ASIC on a 2232 FEX ? We have lost connection to some servers and they are on four consecurive ports (ports 5-8) which smells of an ASIC dying.
  Thanks
  Pat

  It should be eight per switching sub-system.
  fex-114# show platform software woodside sts
  Board Status Overview:
  legend:
          '  '= no-connect
          X   = Failed
          -   = Disabled
          :   = Dn
          |   = Up
          [$] = SFP present
          [ ] = SFP not present
          [X] = SFP validation failed
  (FINAL POSITION TBD)     Uplink #:        1  2  3  4  5  6  7  8 
                        Link status:        :  :  :  :  :  :  |  |
                                          +-+--+--+--+--+--+--+--+-+
                                SFP:       [ ][ ][ ][ ][ ][ ][$][$]
                                          +-+--+--+--+--+--+--+--+-+
                                          | N  N  N  N  N  N  N  N |
                                          | I  I  I  I  I  I  I  I |
                                          | 0  1  2  3  4  5  6  7 |
                                          |                        |
                                          |        NI (0-7)        |
                                          +------------+-----------+                                        
                                                       |                                                    
               +-------------------------+-------------+-------------+---------------------------+          
               |                         |                           |                           |          
  +------------+-----------+ +-----------+------------+ +------------+-----------+ +-------------+----------+
  |        HI (0-7)        | |        HI (8-15)       | |       HI (16-23)       | |        HI (24-31)      |
  |                        | |                        | |                        | |                        |
  | H  H  H  H  H  H  H  H | | H  H  H  H  H  H  H  H | | H  H  H  H  H  H  H  H | | H  H  H  H  H  H  H  H |
  | I  I  I  I  I  I  I  I | | I  I  I  I  I  I  I  I | | I  I  I  I  I  I  I  I | | I  I  I  I  I  I  I  I |
  | 0  1  2  3  4  5  6  7 | | 8  9  1  1  1  1  1  1 | | 1  1  1  1  2  2  2  2 | | 2  2  2  2  2  2  3  3 |
  |                        | |       0  1  2  3  4  5 | | 6  7  8  9  0  1  2  3 | | 4  5  6  7  8  9  0  1 |
  +-+--+--+--+--+--+--+--+-+ +-+--+--+--+--+--+--+--+-+ +-+--+--+--+--+--+--+--+-+ +-+--+--+--+--+--+--+--+-+
  +-+--+--+--+--+--+--+--+-+ +-+--+--+--+--+--+--+--+-+ +-+--+--+--+--+--+--+--+-+ +-+--+--+--+--+--+--+--+-+
    1  2  3  4  5  6  7  8     9  1  1  1  1  1  1  1     1  1  1  2  2  2  2  2     2  2  2  2  2  3  3  3 
                                  0  1  2  3  4  5  6     7  8  9  0  1  2  3  4     5  6  7  8  9  0  1  2 
  fex-114#

• Will the current iMac with two Thunderbolt ports support up to 12 devices (6 per port) or just 6 total?

  Will the current iMac with two Thunderbolt ports support up to 12 devices (6 per port) or just 6 total?

  If will handle 7 devices total, you will use one thunderbolt port as an upstream and the other as a downstream. 
  Take a look at this link, http://en.wikipedia.org/wiki/Thunderbolt_(interface)

• Disabling VTP advertisements on a per port basis

  I there a way of disabling VTP from sending advertisements out certain trunk ports on a per port basis. IOS is 12.2 running on cisco WS-C6506-E.

  I do not think it's possible without breaking a VTP domain. But you still able to do pruning on the port, excluding all VLANs, except of VLAN 1 of course.

• Is there a recommended limit on the number of custom sections and the cells per table so that there are no performance issues with the UI?

  Is there a recommended limit on the number of custom sections and the cells per table so that there are no performance issues with the UI?

  Thanks Kelly,
  The answers would be the following:
  1200 cells per custom section (NEW COUNT), and up to 30 custom sections per spec.
  Assuming all will be populated, and this would apply to all final material specs in the system which could be ~25% of all material specs.
  The cells will be numeric, free text, drop downs, and some calculated numeric.
  Are we reaching the limits for UI performance?
  Thanks

• HT204266 Hi... I bought an app from app store... It turned around to be a false app and not as per the description. App dev page is a fraud. How can I get a refund?

  Hi... I bought an app from app store... It turned around to be a false app and not as per the description. App dev page is a fraud. How can I get a refund?

  Welcome to the Apple community.
  Select the content which is causing a problem and use the 'Report a problem' button in Your Purchase History.

• Is there a way to prevent DHCP from egress per port via ACL?

  Is there a way to prevent DHCP from egress per port via ACL?
  i am running serveral SRW248G4's in a MDU enviroment. I need a way to not have dhcp from one customer to the other, however get mine through uplink port.
  Any ideas?

  i don't think that this would be possible. when you setup acl to prevent services (dhcp in your case), you would need to specify an ip or range of ip address. if computers is yet to receive an ip then it wont even communicate with the dhcp server.

• Download and upload speed per ssid in air-sap2602.

  Dear team,
  How to limit the download and upload speed per ssid in air-sap2602 ?
  SSID =5MB download + 1upload
  SSID= 30MB download + 5upload
  Regards

  If you need help with traffic shaping, you should post your question on the rLAN, Switching and Routing forum:
  https://supportforums.cisco.com/community/netpro/network-infrastructure/switching
  You can also look for examples by searching Configure 1941 traffic shaping:
  http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfgts.html
  http://www.cisco.com/en/US/docs/ios/12_2/qos/configuration/guide/qcfcbshp.html
  Thanks,
  Scott
  Help out other by using the rating system and marking answered questions as "Answered"