Policing Rate Set Too Low — Legitimate Traffic Being Dropped
Presenting Symptom
Users report intermittent connectivity and slow application performance, and monitoring shows legitimate traffic being dropped by the router.
Network Context
A small branch office with a Cisco 4321 ISR router running IOS XE 16.9 connects to the corporate WAN via a 10 Mbps link. The router has a QoS policy applied to limit traffic to 8 Mbps, but the policer is set too low, causing drops during normal business hours.
Diagnostic Steps
Check interface statistics for drops
show interfaces GigabitEthernet0/0/0
GigabitEthernet0/0/0 is up, line protocol is up
MTU 1500 bytes, BW 10000 Kbit/sec
input errors 0, CRC 0, frame 0
output errors 0, collisions 0
interface resets 0
Output queue: 0/1000 (size/max)
5 minute input rate 6000 bits/sec, 4 packets/sec
5 minute output rate 8000 bits/sec, 6 packets/sec
0 packets input, 0 bytes
0 packets output, 0 bytes
Look for output drops or ignored packets. If no drops are shown here, the issue may be at the QoS policy level.
Verify QoS policy statistics
show policy-map interface GigabitEthernet0/0/0
GigabitEthernet0/0/0
Service-policy output: QOS-POLICY
class-map: TRAFFIC-CLASS (match-all)
1000 packets, 100000 bytes
5 minute offered rate 8000 bps
drop rate 2000 bps
match: ip dscp ef
police:
cir 4000000 bps, bc 125000 bytes
conformed 500 packets, 50000 bytes; actions:
transmit
exceeded 500 packets, 50000 bytes; actions:
drop
conformed 4000 bps, exceed 4000 bps
Check the 'drop rate' and 'exceed' counters. If the drop rate is non-zero and exceeds are high, the policer CIR is too low for the actual traffic.
Check current traffic rate and compare to policer CIR
show policy-map interface GigabitEthernet0/0/0 class TRAFFIC-CLASS
GigabitEthernet0/0/0: TRAFFIC-CLASS
police:
cir 4000000 bps, bc 125000 bytes
conformed 500 packets, 50000 bytes; actions:
transmit
exceeded 500 packets, 50000 bytes; actions:
drop
conformed 4000 bps, exceed 4000 bps
Compare the 'conformed' and 'exceed' rates. If the exceed rate is significant, the CIR is set too low. The offered rate (from show interfaces) should be close to the sum of conformed and exceed rates.
Identify the class-map match criteria
show class-map TRAFFIC-CLASS
Class Map match-any TRAFFIC-CLASS (id 1)
Match: ip dscp ef
Confirm which traffic is being policed. If legitimate traffic (e.g., voice or critical data) is matched, the policer may be too restrictive.
Root Cause
The QoS policy-map 'QOS-POLICY' has a police command with a CIR of 4 Mbps, but the actual traffic rate for the matched class (DSCP EF) averages 8 Mbps. This causes half the traffic to be dropped, because the offered traffic exceeds the policer's committed information rate and the exceed action is drop.
Resolution
Verification
Run 'show policy-map interface GigabitEthernet0/0/0' again and confirm the drop rate is zero or minimal. Expected output:
GigabitEthernet0/0/0
Service-policy output: QOS-POLICY
class-map: TRAFFIC-CLASS (match-all)
2000 packets, 200000 bytes
5 minute offered rate 8000 bps
drop rate 0 bps
match: ip dscp ef
police:
cir 8000000 bps, bc 250000 bytes
conformed 2000 packets, 200000 bytes; actions:
transmit
exceeded 0 packets, 0 bytes; actions:
drop
conformed 8000 bps, exceed 0 bps
Prevention
1. Baseline traffic patterns before applying QoS policies to set appropriate CIR values.
2. Use 'show policy-map interface' regularly to monitor drop rates.
3. Implement hierarchical QoS or shaping instead of strict policing for critical traffic.
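One way to automate the counter check from the diagnostic steps and prevention item 2, as an added example that is not part of the original scenario: the script parses saved 'show policy-map interface' text and flags any class whose policer exceeds more than a chosen share of packets. The function names and the 1% threshold are assumptions, and the sample is constructed from the class output shown above.

```python
import re

# Constructed sample: class section of the output shown in the diagnostic steps.
SAMPLE = """\
 Service-policy output: QOS-POLICY
  class-map: TRAFFIC-CLASS (match-all)
   1000 packets, 100000 bytes
   5 minute offered rate 8000 bps
   drop rate 2000 bps
   match: ip dscp ef
   police:
    cir 4000000 bps, bc 125000 bytes
    conformed 500 packets, 50000 bytes; actions:
     transmit
    exceeded 500 packets, 50000 bytes; actions:
     drop
    conformed 4000 bps, exceed 4000 bps
"""

CLASS_RE = re.compile(r"^\s*class-map:\s+(\S+)", re.I)
FIELDS = {
    "cir_bps": re.compile(r"\bcir (\d+) bps"),
    "conformed_pkts": re.compile(r"\bconformed (\d+) packets"),
    "exceeded_pkts": re.compile(r"\bexceeded (\d+) packets"),
}

def parse_policers(text):
    """Return {class_name: {field: int}} for each class-map in the output."""
    classes, current = {}, None
    for line in text.splitlines():
        m = CLASS_RE.match(line)
        if m:
            current = classes.setdefault(m.group(1), {})
        elif current is not None:
            for key, rx in FIELDS.items():
                hit = rx.search(line)
                if hit:
                    current.setdefault(key, int(hit.group(1)))
    return classes

def flag_tight_policers(text, max_exceed_ratio=0.01):
    """Return (class, cir_bps, exceed_ratio) for classes over the threshold."""
    flagged = []
    for name, c in parse_policers(text).items():
        exceeded = c.get("exceeded_pkts", 0)
        total = c.get("conformed_pkts", 0) + exceeded
        if total and exceeded / total > max_exceed_ratio:
            flagged.append((name, c.get("cir_bps"), round(exceeded / total, 3)))
    return flagged
```

Run against the sample, flag_tight_policers(SAMPLE) reports TRAFFIC-CLASS with half of its packets exceeding the 4000000 bps CIR; the same text with zero exceeded packets returns an empty list.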
CCNA Exam Relevance
On the CCNA 200-301 exam, this scenario appears in troubleshooting questions where a QoS policer is dropping traffic. The exam tests the ability to interpret 'show policy-map interface' output and identify that the CIR is too low. Candidates must know the difference between policing (drops) and shaping (queues).
Exam Tips
Memorize the 'show policy-map interface' command and understand the conformed vs exceed counters.
Remember that policing drops traffic when the rate exceeds CIR, while shaping buffers it.
In the exam, if you see 'drop rate' non-zero and 'exceed' actions are 'drop', the CIR is likely too low.
Commands Used in This Scenario
show class-map
Displays the configuration and match criteria of all class maps or a specific class map, used to verify QoS classification rules.
show interfaces
Displays detailed status and statistics for all interfaces or a specific interface, used to verify interface operational state, errors, and performance.
show policy-map interface
Displays the current QoS policy applied to an interface, including per-class statistics such as packets matched, bytes, and actions taken, used to verify and troubleshoot QoS configurations.