NEXUS 9000 queuing or shaping for outbound traffic

i have a nexus 9000

Hardware
  cisco Nexus9000 C93180YC-FX Chassis

Software
  BIOS: version 05.24
  NXOS: version 7.0(3)I7(2)
  BIOS compile time:  08/02/2017
  NXOS image file is: bootflash:///nxos.7.0.3.I7.2.bin


i want to limit outbound traffic from interface , so i have created policy-map

policy-map type qos POLICE-10M
  class class-default
    police cir 10 mbps bc 1 mbytes conform transmit violate drop

and apply it to the interface


interface Ethernet1/20
  service-policy type qos input POLICE-10M
  service-policy type qos output POLICE-10M
  no ip redirects
  ip address 7X.3X.XX.XXX/30
  no shutdown


but Policing only works ingress on Nexus 9k.


does anyone have a example how to do queuing or shaping for outbound traffic with same kind of limit ?

thank you.
LVL 2
spmtAsked:
Who is Participating?
I wear a lot of hats...

"The solutions and answers provided on Experts Exchange have been extremely helpful to me over the last few years. I wear a lot of hats - Developer, Database Administrator, Help Desk, etc., so I know a lot of things but not a lot about one thing. Experts Exchange gives me answers from people who do know a lot about one thing, in a easy to use platform." -Todd S.

Soulja53 6F 75 6C 6A 61 Commented:
Give this a go:


policy-map type queing SHAPE-10M
  class class-default
    shape min 1 mbps max 10mbps


interface Ethernet1/20
  service-policy type qos input POLICE-10M
  service-policy type queuing output SHAPE-10M
0
spmtAuthor Commented:
Hello,

no i cannot created this  :  class class-default


policy-map type queuing SHAPE-10M

NEXUS-SP-0B(config-pmap-que)# class ?
  type  Specify the type of class



NEXUS-SP-0B(config-pmap-que)# class type queuing ?
  c-in-q-default      Ingress default queue
  c-in-q1             Ingress queue 1
  c-in-q2             Ingress queue 2
  c-in-q3             Ingress queue 3
  c-in-q4             Ingress queue 4
  c-in-q5             Ingress queue 5
  c-in-q6             Ingress queue 6
  c-in-q7             Ingress queue 7
  c-out-8q-q-default  Egress default queue
  c-out-8q-q1         Egress queue 1
  c-out-8q-q2         Egress queue 2
  c-out-8q-q3         Egress queue 3
  c-out-8q-q4         Egress queue 4
  c-out-8q-q5         Egress queue 5
  c-out-8q-q6         Egress queue 6
  c-out-8q-q7         Egress queue 7
  c-out-q-default     Egress default queue
  c-out-q1            Egress queue 1
  c-out-q2            Egress queue 2
  c-out-q3            Egress queue 3

and i don't know how to do after.

Thanks and Regards,
0
Soulja53 6F 75 6C 6A 61 Commented:
Sorry the syntax is somewhat different on Nexus, you need to:

class type queuing c-out-q-default
       shape min 1 mbps max 10mbps
0
Newly released Acronis True Image 2019

In announcing the release of the 15th Anniversary Edition of Acronis True Image 2019, the company revealed that its artificial intelligence-based anti-ransomware technology – stopped more than 200,000 ransomware attacks on 150,000 customers last year.

spmtAuthor Commented:
Hello ,

when i try to do this

NEXUS-SP-0B(config-pmap-que)# class type queuing c-out-q-default

NEXUS-SP-0B(config-pmap-c-que)# shape min 1 mbps max 10 mbps
Shape min rate should be either 0 mbps or between 100 mbps & 100000 mbps

NEXUS-SP-0B(config-pmap-c-que)# shape min 0 mbps max 10 mbps
Shape max rate should be between 100 mbps & 100000 mbps

and if i try in kbps

NEXUS-SP-0B(config-pmap-c-que)# shape min 0 kbps max 10000 kbps
Shape max rate should be between 100000 kbps & 100000000 kbps

it look like we can't go under 100Mbps with shaping option.

and i think we also need configure all 4 queue.

an oder idea to do that ?

Thanks and Regards,
0
Soulja53 6F 75 6C 6A 61 Commented:
What model and nxos version are you running? I can enter those values without issue on my 9k's running 7.0(3)I4(7)
0
spmtAuthor Commented:
Hello,

i have the same nxos version

Software
  BIOS: version 05.28
  NXOS: version 7.0(3)I7(4)
  BIOS compile time:  01/18/2018
  NXOS image file is: bootflash:///nxos.7.0.3.I7.4.bin

maybe not the same model

Hardware
  cisco Nexus9000 C93180YC-FX Chassis
  Intel(R) Xeon(R) CPU D-1528 @ 1.90GHz with 65809532 kB of memory.
  Processor Board ID FDO22192WW1


Thanks and Regards,
0
Soulja53 6F 75 6C 6A 61 Commented:
Mines:
Hardware
  cisco Nexus9000 C9332PQ chassis
  Intel(R) Core(TM) i3- CPU @ 2.50GHz with 16401396 kB of memory.


I don't believe that should be the issue.
0
spmtAuthor Commented:
Hello,

I don't know , i don't believe that too , maybe i need to open a case with cisco TAC to have answer for that.
0
Soulja53 6F 75 6C 6A 61 Commented:
Yes, I believe that is your best bet. Everything I am reading says you should be able to do this.
0
spmtAuthor Commented:
i will do that , and keep you inform

Thanks and Regards,
0
spmtAuthor Commented:
thank you for your answer.
0
Soulja53 6F 75 6C 6A 61 Commented:
You are welcome. Please update this thread with their feedback. I am very interested in their answer.
0
spmtAuthor Commented:
Hello,

cisco TAC have found the solution.

egress qos tcam need to be configured to make policy work

N9K1# show hardware access-list tcam region | i egr-l3
            Egress L3/VLAN QOS [egr-l3-vlan-qos] size = 0  , policing cannot happen if this is 0

so we need configure tcam for egress

hardware access-list tcam region egr-racl 512

hardware access-list tcam region egr-l2-qos 512

hardware access-list tcam region egr-l3-vlan-qos 512

and reload the nexus

configure policy and interface :

policy-map type qos POLICE-10M
  class class-default
    police cir 10 mbps bc 1 mbytes conform transmit violate drop

interface Ethernet1/20
 service-policy type qos output POLICE-10M no-stats

and it's works.
0

Experts Exchange Solution brought to you by

Your issues matter to us.

Facing a tech roadblock? Get the help and guidance you need from experienced professionals who care. Ask your question anytime, anywhere, with no hassle.

Start your 7-day free trial
Soulja53 6F 75 6C 6A 61 Commented:
Awesome. I just learned something. Thanks for the update.
0
It's more than this solution.Get answers and train to solve all your tech problems - anytime, anywhere.Try it for free Edge Out The Competitionfor your dream job with proven skills and certifications.Get started today Stand Outas the employee with proven skills.Start learning today for free Move Your Career Forwardwith certification training in the latest technologies.Start your trial today
nexus

From novice to tech pro — start learning today.