Name: Cisco Catalyst 4500 Series
Brand: Cisco
Rating: 4 (1 reviews)

To Next Page

To Previous Page

57-19

Catalyst 4500 Series Switch, Cisco IOS Software Configuration Guide - Cisco IOS XE 3.9.xE and IOS 15.2(5)Ex

Chapter 57 Configuring Control Plane Policing and Layer 2 Control Packet QoS

Configuring Layer 2 Control Packet QoS

Switch(config)# macro global apply system-cpp

Switch(config)# policy-map system-cpp-policy

Switch(config-pmap)# class system-cpp-bpdu-range

Switch(config-pmap-c)# police 50k

Switch(config-pmap-c-police)# exit

Switch(config-pmap-c)# exit

Note To reduce the consumption of policer resources, you can also use named-aggregate policers applied to a

group of ports or VLANs.

Note Do not modify class maps and MACLs that are auto-generated by the system. This action can cause

unexpected behavior when the switch reloads or when the running configuration is updated from a file.

To refine or modify system-generated class maps or MACLs, apply user-defined class maps and MACLs.

Note User defined class map names must begin with the prefix system-control-packet. If not, certain hardware

(Catalyst 4924, Catalyst 4948, Catalyst 4948-10GE, Supervisor Engine II-Plus, Supervisor Engine

II+10GE, Supervisor Engine V, and Supervisor Engine V-10GE) might not perform the configured QoS

action.

For example, the following are valid user-defined class map names to police Layer 2 control packets

because they begin with the prefix system-control-packet:

system-control-packet-bpdu1

system-control-packet-control-packet

No such restrictions exist on the names you can use for user-defined MACLs (access-groups).

The following example shows how to create user-defined MACLs and class maps to identify EAPOL and

BPDU packets. Because the auto-generated class map system-control-packet-bpdu range matches three

packet types (BPDU, EAPOL, and OAM), policing this traffic class affects all three packet types. To

police BPDU and EAPOL packets at different rates, you can set user-defined MACL and class map as

follows:

Switch(config)# mac access-list extended system-control-packet-bpdu

Switch(config-ext-macl)# permit any host 0180.c200.0000

Switch(config-ext-macl)# exit

Switch(config)# class-map match-any system-control-packet-bpdu

Switch(config-cmap)# match access-group name system-control-packet-bpdu

Switch(config-cmap)# exit

Switch(config)# mac access-list extended system-control-packet-eapol

Switch(config-ext-macl)# permit any host 0180.c200.0003

Switch(config-ext-macl)# exit

Switch(config)# class-map match-any system-control-packet-eapol

Switch(config-cmap)# match access-group name system-control-packet-eapol

Switch(config-cmap)# exit

Other manuals for Cisco Catalyst 4500 Series

Manual19 pages

Command Reference Guide1230 pages

System Message Guide150 pages

Configuration Guide1610 pages

Administration Guide1814 pages

Message Guide146 pages

Installation Guide194 pages

Datasheet11 pages

Overview46 pages

Quick Reference Guide59 pages

Questions and Answers:

Need help?

Do you have a question about the Cisco Catalyst 4500 Series and is the answer not in the manual?

Cisco Catalyst 4500 Series Specifications

General

Series	Catalyst 4500 Series
Category	Switch
Layer Support	Layer 2, Layer 3
Form Factor	Modular chassis
Stackable	No
Chassis Slots	3, 6, 7, 10
Power Supply Options	AC, DC
Redundancy	Power supply, Supervisor engine
Network Management	Cisco IOS Software CLI, SNMP, Cisco Prime Infrastructure
Features	Security, QoS
Port Density	Up to 384 ports per chassis
Security Features	802.1X, ACLs, DHCP Snooping, Dynamic ARP Inspection, IP Source Guard
Supervisor Engine	8-E