Unsolved
This post is more than 5 years old
2 Posts
0
88448
Traffic shaping at powerconnect
Hello, We have some Dell powerconnect 62xx switches (6248 and 6224F models). Most ports may use the full 1 gbit connection, but some not. I have used QoS -> Class of Service -> Interface configuration to set a port at 409600 kbps (400 Mbit). I'm monitoring it with cacti and around 3 hours ago traffic is around 500-520 Mbit, which means it is 100-120 Mbit over the limit (30% !). Is the function just rubbish or am I doing something wrong?
Would be nice if someone could help me :).
bh1633
909 Posts
0
February 7th, 2010 13:00
The switch limits the number of packets based on a rate that is estimated based on 512 byte packets. So if your average packet size is 30% larger than 512 and you are measureing rate base on number of bits, you will see 30% more traffic than you expected.
The configuration guide has a note about this.
Qhosting
2 Posts
0
February 7th, 2010 13:00
It doesnt make sense, since the limit is now at 200 Mbit and there is still 400-440 Mbit on the port (100% more).
The switch is pretty useless this way, since i do not have any control of the package size...
speedcolo
43 Posts
0
February 20th, 2010 08:00
If I recall, the 62xx can police on ingress-only. If you have a server connected to a switchport, and want to limit traffic coming from the server into the switch, then that is straightforward. However, if you want to limit traffic going to the server (e.g. download from Internet), then limiting on the server's port will not work. You would need to identify that traffic as it enters the switch (using "matches" applied to the other ports on the switch), and police that ingress traffic as an aggregate.
The following config (hopefully) polices traffic from each of the servers on ports g1 and g2 as they send traffic to the switch, by matching on "any" destination MAC address. (if someone knows a simpler way to "match any" on ingress, please let me know!).
The config also tries to identify the traffic that is entering the switch, which will be forwarded out to the servers on ports g1 and g2. In this case, the uplink port is a trunk to a router, and each server has its own VLAN, so the traffic is being matched by VLAN where it enters the switch. If all the servers were on a single VLAN, and your traffic is all IP packets, then you may choose to "
match dstip" instead of "match vlan".class-map match-all port1 exit class-map match-all port2 exit class-map match-all vlan50 exit class-map match-all vlan51 exit class-map port1 match destination-address mac 00:00:00:00:00:00 00:00:00:00:00:00 exit class-map port2 match destination-address mac 00:00:00:00:00:00 00:00:00:00:00:00 exit class-map vlan50 match vlan 50 exit class-map vlan51 match vlan 51 exit policy-map PolicePort1 in class port1 police-simple 250000 128 conform-action transmit violate-action drop exit exit policy-map PolicePort2 in class port2 police-simple 250000 128 conform-action transmit violate-action drop exit exit policy-map PoliceVlans in class vlan50 police-simple 400000 200 conform-action transmit violate-action drop exit class vlan51 police-simple 400000 200 conform-action transmit violate-action drop exit exit interface ethernet 1/g1 service-policy in PolicePort1 description 'server 1 limited to 250mbps up and 400mbps down' switchport access vlan 50 exit interface ethernet 1/g2 service-policy in PolicePort2 description 'server 2 limited to 250mbps up and 400mbps down' switchport access vlan 51 exit interface ethernet 1/g24 service-policy in PoliceVlans description 'trunk to router' switchport mode trunk switchport trunk allowed vlan add 50,51 exit