Cisco Systems 2960 Policing and Marking

29-8

Catalyst 2960 Switch SoftwareConfiguration Guide

78-16881-01

Chapter29 Co nfiguring QoS

Understanding QoS

You create and name a policy map by using the policy-map global configuration command. When you

enter this command, the switch enters the policy-map configuration mode. In this mode, you specify the

actions to take on a specific traffic class by using the class, trust, or set policy-map configuration and

policy-map class configuration commands.

The policy map can contain the police and police aggregate policy-map class configuration commands,

which define the policer, the bandwidth limitations of the traffic, and the action to take if the limits are

exceeded.

To make the policy map effective, you attach it to a port by using the service-policy interface

configuration command.

For more information, see the “Policing and Marking” section on page 29-8. For configuration

information, see the “Configuring a QoS Policy” section on page 29-39.

Policing and Marking

After a packet is classified and has a DSCP-based or CoS-based QoS label assigned to it, the policing

and marking process can begin as shown in Figure 29-4.

Policing involves creating a policer that specifies the bandwidth limits for the traffic. Packets that exceed

the limits are out of profile or nonconforming. Each policer decides on a packet-by-packet basis whether

the packet is in or out of profile and specifies the actions on the packet. These actions, carried out by the

marker, include passing through the packet without modification, d ropping the packet, or modifying

(marking down) the assigned DSCP of the packet and allowing th e packet to pass through. The

configurable policed-DSCP map provides the packet with a new DSCP-based QoS label. For information

on the policed-DSCP map, see the “Mapping Tables” section on page 29-10. Marked-down packets use

the same queues as the original QoS label to prevent packets in a flow from getting out of order.

Note All traffic, regardless of whether it is bridged or routed, is subjected to a policer, if one is configured.

As a result, bridged packets might be dropped or might have their DSCP or CoS fields modified when

they are policed and marked.

You can configure policing on a physical port. For more information about configuring policing on

physical ports, see the “Policing on Physical Ports” section on page 29-9.

After you configure the policy map and policing actions, attach the policy to an ingress port by using the

service-policy interface configuration command. For configuration information, see the “Classifying,

Policing, and Marking Traffic on Physical Ports by Using Policy Maps” section on page 29-45 and the

“Classifying, Policing, and Marking Traffic by Using Aggregate Policers” section on page 29-48.