A customer is looking for a Cisco switch where they can rate-limit/police both ingress and egress traffic on a particular VLAN. They’re an ISP, and need to limit traffic to X-Mbps in/out on specific VLANs for their colo customers. Is there a way to accomplish this within an access switch, such as the Cisco 3560-X series? Their core switch apparently isn’t capable of any of this, so trunking the VLAN to the core isn’t an option.
Looking at the QoS chapter of the 3560-X configuration guide - http://tinyurl.com/69jdhow
- I see some examples of where you can implement policing through service policies, but this appears only to be for ingress traffic (not egress). Plus, the examples all reference physical interfaces vs. VLAN’s. Again, the goal is to rate-limit traffic arriving from, or exiting to a particular customer VLAN. (I saw the “mls qos vlan-based” command does – “enables VLAN-based QoS on the port” – not clear what that does, or if it would apply here.)
Thank you – looking for design options to accomplish what the customer is looking for here, as well as configuration examples.