Chapter 13: Quality of Service 241
Section 13-2
IOS switches can selectively choose the source for the internal DSCP values from
ingress traffic. For frames matching the class map, the DSCP value can be
derived from cos (using the CoS-to-DSCP mapping), dscp (using the inbound
DSCP as is), or ip-precedence (using the ToS-to-DSCP mapping).
d. Use a policer to control the bandwidth of matching traffic.
■ (Optional) Use a named aggregate policer:
(pmap-class) police aggregate policer-name
■ The policer named policer-name (text string) controls the aggregate traffic
from all the ingress ports to which it is assigned.
■ (Optional) Define a per-interface policer for controlling one interface:
(pmap-class) police [aggregate policer-name] [flow] rate burst [max-
burst] [pir peak-rate] [conform-action action] [exceed-action
action] [violate-action action]
When a policer is defined as a part of the policy, it operates only on the
aggregate traffic from the ingress port where the policy is assigned. Use the
aggregate keyword to define an aggregate policer or the flow keyword to
define a microflow policer.
Tip To use microflow policers on an IOS switch, you must first enable the microflow
functionality with the mls qos flow-policing command. In addition, microflow policing of
bridged traffic must also be enabled on a PFC2 or to police multicast traffic. This is done
with the mls qos bridged VLAN interface command.
Set the CIR rate (32,000 to 4,000,000,000 in bps) and the burst size (1000 to
512,000,000 bytes). With a PFC2 module, you can also specify a PIR with
the pir keyword and a peak-rate (32,000 to 4,000,000,000 in bps) and a
maximum burst size max-burst (1000 to 512,000,000 bytes).
Tip The rate value you specify for a CIR or PIR might differ from the value that is actual-
ly used. See the rate and burst ranges and actual granularities shown in Step 5b. 
As a rule of thumb, the burst size should be set to 32 kilobits (4096 bytes for IOS) or
greater. Because the burst size operates the token bucket, use caution when choosing a
value. Packets that arrive and cause the token bucket to exceed the burst value can poten-
tially be dropped.
Therefore, choose a burst value that is greater than the rate value divided by 4000 and also
greater than the size of the largest frame you expect to receive. If you choose a burst that
is too small, frames that are larger than the burst value will be out-of-profile and can be
dropped.