2

Is this too much to ask from a Cisco switch..

Being able to limit traffic on a per IP basis on a single interface.

e.g. 192.168.1.12 = 500kbps 192.168.1.30 = 200kbps

I know traffic policing is available, but it that only a blanket mechanism, affecting everything, or can I split it out on a per IP basis?

Lab switch is Cisco C2960 Ver 12.2(25r)SEE1

But if it's unavailable there, I have access to newer switches... I more just want to know if it can be done on a layer 2 switch.

Teun Vink
  • 16,953
  • 6
  • 44
  • 70
user10021657
  • 583
  • 2
  • 11
  • 2
    Can't do it on a 2960. You need a pretty beefy L3 switch to do L3 QoS – Ron Trunk Nov 09 '18 at 13:43
  • I've worked down to a policy map... so it looks like you can do it, but not to the granularity I'm looking for... it's in 1Mb/s steps policing, which is linked to an ACL, which matches IP source and Dest – user10021657 Nov 09 '18 at 13:47
  • 2
    2960s can only do per interface QoS. The 2960s are actually very limited in the QoS they can do, and you have only a few tiny queues for layer-2 QoS. You want to do the policing on a real layer-3 device. – Ron Maupin Nov 09 '18 at 14:03

1 Answers1

3

You cannot police traffic for individual hosts on the Cisco 2960 Series.

The QoS functions are also very limited on the software version you are running. You would need at least version 15 software train to enable essential features on the Switch.

  • it's allowing me to write a policy map, which matches to an ACL, which matches source to dest traffic and police it to 1Mb/s .... will that just simply not work on it ? – user10021657 Nov 09 '18 at 13:58
  • 1
    You can only police input traffic and the basic 2960 doesn't have enough processing power to do it properly. The queues are also very limited. You can read my post here: https://networkengineering.stackexchange.com/questions/42660/implementing-cisco-qos-model-to-end-users/45176 –  Nov 09 '18 at 14:05
  • ah OK cool, thanks for the info and I'll have a read over the post – user10021657 Nov 09 '18 at 14:19
  • Quick query in regards to your link.... does remarking RTP packets as EF take much resources on a 2960 ? packets enter the switch marked as 0, then leave as EF? – user10021657 Nov 09 '18 at 14:25
  • 1
    @user10021657 yes, on the older models. The 2960X has no impact on performance. –  Nov 09 '18 at 15:39
  • 1
    @user10021657 Remember it's still only ingress (input) policing on the 2960X model. –  Nov 09 '18 at 17:57