police rate [bps] burst [bytes]
Configures traffic policing on a class map to enforce a maximum bit rate and burst size, dropping or remarking packets that exceed the rate.
police rate [bps] burst [bytes]When to Use This Command
- Limit bandwidth for peer-to-peer traffic to 1 Mbps to prevent congestion on a WAN link.
- Police voice traffic to 256 kbps to ensure consistent quality while dropping excess packets.
- Enforce a 10 Mbps rate limit for a customer's internet access circuit.
- Mark traffic exceeding 5 Mbps with a lower DSCP value for differentiated treatment.
Command Examples
Basic policing with drop action
police rate 1000000 burst 20000police rate 1000000 burst 20000 conform-action transmit exceed-action drop
The command sets a police rate of 1 Mbps with a burst size of 20,000 bytes. Conforming traffic is transmitted; exceeding traffic is dropped.
Policing with set-dscp-transmit action
police rate 5000000 burst 50000 conform-action transmit exceed-action set-dscp-transmit 0police rate 5000000 burst 50000 conform-action transmit exceed-action set-dscp-transmit 0
Sets a 5 Mbps rate with 50 KB burst. Conforming traffic passes; exceeding traffic is marked with DSCP 0 (best effort).
Understanding the Output
The output shows the configured police rate in bps and burst size in bytes. The 'conform-action' defines what happens to traffic within the rate (typically 'transmit'). The 'exceed-action' defines action for traffic exceeding the rate (e.g., 'drop' or 'set-dscp-transmit'). In 'show policy-map', you'll see counters for conformed and exceeded packets. High exceeded counts indicate the rate is too low or burst is too small. Good values show most packets conforming.
CCNA Exam Tips
Remember the default actions: conform-action transmit, exceed-action drop.
The burst parameter is crucial for token bucket operation; exam may test its effect on bursty traffic.
Policing can mark down DSCP or drop; shaping queues excess traffic. Know the difference.
Police is configured in policy-map class mode; apply via service-policy input/output.
Common Mistakes
Forgetting to specify burst size, causing default burst (often 1500 bytes) which may be too small.
Applying police in the wrong direction (input vs output) relative to traffic flow.
Confusing police with shape; police drops, shape buffers.
Related Commands
policy-map [name]
Creates or modifies a QoS policy-map that defines a set of class-maps and associated actions (e.g., bandwidth, priority, drop) to apply to traffic on Cisco IOS routers.
service-policy [input|output] [policy]
Applies a QoS policy map to an interface for inbound or outbound traffic classification, marking, policing, shaping, or queuing.
show policy-map
Displays the configuration and statistics of all policy maps applied to interfaces, used to verify QoS policies and monitor traffic class counters.
Practice for the CCNA 200-301
Test your knowledge with hundreds of CCNA practice questions covering all exam domains.
Practice CCNA Questions