Auto QoS in physical Interfaces Switch 4507R+E

Similar Messages

• Cisco 2960x - auto qos voip cisco-phone on access ports

  After configuring "auto qos voip cisco-phone" on a stack of 2960x switches, we later noticed that after a power cycle (config was saved first) it went missing when doing a "show run" from the interface configs, on one of the switches (g1/0/1-48 had it applied, then after power cycle it didn't show).  However, doing a "show auto qos interface" shows it is still applied to all interfaces g10/1-48. 
  I try to do "auto qos voip cisco-phone" again on g1/0/1-48, and it shows this:
  SwitchStack01(config-if-range)#auto qos voip cisco-phone
  AutoQoS Error: AutoQoS already configured
  % Range command terminated because it failed on GigabitEthernet1/0/1
  If I attempt to remove "auto qos voip cisco-phone", it shows this:
  SwitchStack01(config-if-range)#no auto qos voip cisco-phone
  AutoQoS Error: AutoQoS not configured
  % Range command terminated because it failed on GigabitEthernet1/0/1
  When I do a "show run", it is no longer displayed for the first switch of the stack.So is it still applied to the interfaces or not?   Is this a bug?  Has anyone else experienced this?  This has happened to at least a couple stacks of 2960x's we have. 
  Thanks!

  It appears to be a bug in the code.  Open a TAC ticket with Cisco and send them the output and the IOS version you are using so they can help you resolve the issue.   Most likely, they recommend an upgrade.
  HTH

• 1 policy-map for more than 1 physical interface

  Hi,
  the situation I want to achieve is, that 2 physical interfaces (here 2 TP GigbitEthernet Ports of a 3750) are limited together from one 'service-policy'/'policy-map'.
  In the example below I have 2 Ports on one switch and the traffic coming in on both ports in total (traffic port #1 + traffic port #2) should be limited to the 'policy-map 5MBits'.
  Right now I have configured a 3750 with:
  class-map match-all EveryMAC
  match access-group name everythingL2
  policy-map 5MBits
  class EveryMAC
  police 5000000 32768 exceed-action drop
  policy-map TEST
  class EveryMAC
  set dscp default
  mac access-list extended everythingL2
  permit any any
  interface GigabitEthernet1/0/1
  description port #1
  switchport access vlan 123
  switchport mode access
  speed 10
  duplex auto
  interface GigabitEthernet1/0/2
  description port #2
  switchport access vlan 123
  switchport mode access
  speed 10
  duplex auto
  interface Vlan123
  service-policy input TEST
  And at the 'other side' a 2950 works with the following config:
  class-map match-all EveryMAC
  match access-group name everythingL2
  policy-map 5MBits
  class EveryMAC
  police 5000000 32768 exceed-action drop
  mac access-list extended everythingL2
  permit any any
  interface FastEthernet0/1
  description port #A
  switchport access vlan 123
  switchport mode access
  speed 10
  duplex auto
  As far as I can see this seems to work. But it would be nice if someone can confirm this or provide an other suggestion.
  thanks in advance
  Mark

  Only thing i can think of is instead of using a MAC ACL , u cud jus use the default class
  Policy Map Test
  class class-default
  police 56000 8000 exceed-action drop
  Class Map match-any class-default (id 0)
  Match any
  You would be saving a MAC-ACL ;-).

• Unable to issue auto qos voip on CAT2950SX-24 using IOS c2950-i6q4l2-mz.121

  Hi,
  I am unable to issue the command auto qos voip on the interface fa0/1. I am also not able to see the command using the "?". But based on the Cisco documentation, the IOS is able to support that command. Any can help or have any ideas? Here is the documentation link
  http://www.cisco.com/en/US/products/hw/switches/ps628/products_command_reference_chapter09186a00804761fd.html#wp4214415
  Thanks

  Hi
  you can use the below link to find out whether the image installed in your comes with the support for auto qos or not.
  http://tools.cisco.com/ITDIT/CFN/jsp/index.jsp
  regds

• 3850 - auto qos voip cisco-phone

  I am having an issue where it appears that the "auto qos voip cisco-phone" command is marking down my voice packets COS and DSCP values to 0.  Anyone else notice this?  I am connecting Cisco 7945 phone to the interfaces with this command applied to the interface.  I verified that the IP Phone is sending COS = 5 and DSCP = ef to the switchport.  I verified the packets inbound to the switchport and the packets outbound as they transit to the destination IP Phone's switchport.

  Hi joshua,
  What is the IOS-XE version you are running on your 3850 ?
  Post your switchport configuration (7945 phone connected)
  Here is 3.3 QoS config guide & I noticed it says something like below qouted. So make sure this trust device command is there & your port is configured for standard VoIP port connectivity.(like voice vlan, etc)
  http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3850/software/release/3se/consolidated_guide/configuration_guide/b_consolidated_3850_3se_cg/b_consolidated_3850_3se_cg_chapter_01101000.html#reference_8A1C35AB2874498F90C4F5600301BE9D
  "The trust device device_type interface configuration command is only supported in an auto-QoS configuration, and not as a stand-alone command on the switch. When using the trust device device_type interface configuration command in an auto-QoS configuration, if the connected peer device is not a corresponding device (defined as a device matching your trust policy), both CoS and DSCP values are set to "0" and any input policy will not take effect"
  HTH
  Rasika
  ***** Pls rate all useful responses ****

• 3750 qos on routed interface

  I have 2 3750G-24 as the core of my voice/data network. I have 2 vlans (voice,data) and it seems like when I cross the routed interfaces (virtual vlanX interfaces) I lose my qos tagging. I have tried route-maps and policy maps but they are not working (the policy maps are not supported on virtual interfaces)
  Anyone with a solution?? I have searched cisco.com and unless i am blind, have not found what I am looking for.

  Here is the edge switchport config-
  End user port-----
  interface FastEthernet0/1
  switchport access vlan 50
  switchport trunk encapsulation dot1q
  switchport trunk native vlan 50
  switchport mode trunk
  switchport voice vlan 10
  mls qos trust device cisco-phone
  mls qos trust cos
  auto qos voip cisco-phone
  wrr-queue bandwidth 20 1 80 1
  wrr-queue min-reserve 1 5
  wrr-queue min-reserve 2 6
  wrr-queue min-reserve 3 7
  wrr-queue min-reserve 4 8
  wrr-queue cos-map 1 0 1 2 4
  wrr-queue cos-map 3 3 6 7
  wrr-queue cos-map 4 5
  priority-queue out
  spanning-tree portfast
  Gigabit uplink port------------
  interface GigabitEthernet0/1
  switchport trunk encapsulation dot1q
  switchport mode trunk
  mls qos trust cos
  auto qos voip trust
  wrr-queue bandwidth 20 1 80 1
  wrr-queue queue-limit 80 1 20 1
  wrr-queue cos-map 1 0 1 2 4
  wrr-queue cos-map 3 3 6 7
  wrr-queue cos-map 4 5
  priority-queue out
  end
  Here is the core switch-
  interface GigabitEthernet1/0/24
  switchport trunk encapsulation dot1q
  switchport mode trunk
  srr-queue bandwidth share 10 10 60 20
  srr-queue bandwidth shape 10 0 0 0
  mls qos trust cos
  no mdix auto
  auto qos voip trust
  end
  Core Vlan Interfaces----
  interface Vlan1
  no ip address
  interface Vlan2
  description Data Vlan
  ip address 10.199.0.29 255.255.252.0
  interface Vlan10
  description Voice Vlan
  ip address 10.199.10.1 255.255.255.0
  All of the qos settings are a result of using Auto QoS

• The difference between IEEE802.1Q Native VLAN sub-interface and Physical interface?

  Hello
  I think the following topologies are supported for Cisco Routers
  And the Physical interface also can be using as Native VLAN interface right? 
  Topology 1.
   R1 Gi0.1 ------ IEEE802.1Q Tunneling  L2SW ------ Gi0 R2
  R1 - configuration
  interface GigabitEthernet0.1
   encapsulation dot1Q 1 native
   ip address 10.0.0.1 255.255.255.0
  Topology 2.
  R1 Gi0 ------ IEEE802.1Q Tunneling L2SW ------ Gi0 R2
  interface GigabitEthernet0
  ip address 10.0.0.1 255.255.255.0
   And is it ok to use the physical interface and sub-interface with dynamic routing such as EIGRP or OSPF etc?
  R1 Gi 0 ---- Point to Multipoint EIGRP or OSPF ---- Gi0 R2 / R3 
        Gi 0.20--- Point to Point EIGRP or OSPF --- Gi0.10 R4  (same VLAN-ID) 
  R1 - configuration
  interface GigabitEthernet0
   ip address 10.0.0.1 255.255.255.0
  interface GigabitEthernet8.20
   encapsulation dot1Q 20
   ip address 20.0.0.1 255.255.255.0
  Any information is very appreciated. but if there is any CCO document please let me know.
  Thank you very much and regards,
  Masanobu Hiyoshi

  Hello,
  The diagram is helpful.
  If I am getting you correctly, you have three routers interconnected by a switch, and you want them to operate in a hub-and-spoke fashion even though the switch is capable of allowing direct communication between any of these routers.
  Your first scenario is concerned with all three routers being in the same VLAN, and by using neighbor commands, you force these routers to establish targeted EIGRP adjacencies R1-R2 and R1-R3, with R1 being the hub.
  Your second scenario is concerned with creating one VLAN per spoke, having subinterfaces for each spoke VLAN created on R1 as the router, and putting each spoke just in its own VLAN.
  Your scenarios are not really concerned with the concept of native VLAN or the way it is configured, to be honest. Whether you use a native VLAN in either of your scenarios, or whether you configure the native VLAN on a subinterface or on the physical interface makes no difference. There is simply no difference to using or not using a native VLAN in any of your scenarios, and there is no difference to the native VLAN configuration being placed on a physical interface or a subinterface. It's as plain as that. Both your scenarios will work.
  My personal opinion, though, is that forcing routers on a broadcast multi-access segment such as Ethernet to operate in a hub-and-spoke fashion is somewhat artificial. Why would you want to do this? Both scenarios have drawbacks: in the first scenario, you need to add a neighbor statement for each spoke to the hub, limiting the scalability. In the second scenario, you waste VLANs and IP subnets if there are many spokes. The primary question is, though: why would you want an Ethernet segment to operate as a hub-and-spoke network? Sure, these things are done but they are motivated by specific needs so I would like to know if you have any.
  Even if you needed your network to operate in a hub-and-spoke mode, there are more efficient means of achieving that: Cisco switches support so-called protected ports that are prevented from talking to each other. By configuring the switch ports to spokes as protected, you will prevent the spokes from seeing each other. You would not need, then, to configure static neighbors in EIGRP, or to waste VLANs for individual spokes. What you would need to do would be deactivating the split horizon on R1's interface, and using the ip next-hop-self eigrp command on R1 to tweak the next hop information to point to R1 so that the spokes do not attempt to route packets to each other directly but rather route them over R1.
  I do not believe I have seen any special CCO documents regarding the use of physical interfaces or subinterfaces for native VLAN or for your scenarios.
  Best regards,
  Peter

• How to enable auto QoS on C4500-X

  How to enable auto QoS on C4500-X for Cisco phone? Since it is different from the global commands 'mls qos',who has the example? Thanks.

  http://www.cisco.com/en/US/docs/switches/lan/catalyst4500/12.2/20ew/configuration/guide/macro.html
  Take a look at this document
  And this one
  http://www.cisco.com/en/US/prod/collateral/switches/ps5718/ps4324/prod_white_paper0900aecd8041691c.html

• Configure Auto QoS on WS-C4500X

  Hi!!
  I have two 4500X connected via VSS and on the edge I have 2960X and 3750. All edge switch have Auto QoS configuration activated for voip.
  On 4500X I don't have the mls qos or qos only prompt to activate the QoS on the etherchannels.
  Is there a different way on configure the Auto QoS on the 4500X?
  I have the following software on my 4500X:
  SWITCH-A#sh ver | in IOS
  Cisco IOS Software, IOS-XE Software, Catalyst 4500 L3 Switch  Software (cat4500e-UNIVERSAL-M), Version 03.06.00.E RELEASE SOFTWARE (fc3)
  Cisco IOS-XE software, Copyright (c) 2005-2014 by cisco Systems, Inc.
  All rights reserved.  Certain components of Cisco IOS-XE software are
  documentation or "License Notice" file accompanying the IOS-XE software,
  or the applicable URL provided on the flyer accompanying the IOS-XE
  SWITCH-A#
  SWITCH-A#sh ver | in ROM
  ROM: 15.0(1r)SG11
  System returned to ROM by power-on
  SWITCH-A#
  SWITCH-A#sh license image levels
  Module name        Image level  Priority  Configured  Valid license
  WS-C4500X-16       entservices  1         NO          entservices            
                     ipbase       2         NO          ipbase                 
  Module Name     Role           Current Level     Reboot Level
  WS-C4500X-16    Active         ipbase            ipbase  
  I looked on several docs and they spoke about the mls qos trus cos command but since I can't activate the QoS globally ...
  Can someone give me a clue???
  Best Regards,
  Jose Carlos

  Hi Reza!!! Thanks for your reply.
  I've looked on the net and found this blog http://blog.lah.io/2013/10/cisco-catalyst-4500-x-etherchannel-auto.html and thought that there is something wrong with my IOS, like a missing license.
  I will read your guide and try to configure like that but you must agree that auto qos is far more easy and reliable. Strange that the guy on the blog can configure auto qos...
  Best Regards,
  Jose Carlos

• Auto qos voip cisco-phone

  Hello,
  I am very new to voip, second day.  I have configured a 3850 stack to trust cisco phones on the switchports with the auto qos feature. I am interested to know where else I have to apply qos for the policy's to apply. The 3850 stack is uplinked to a 4500x "core". My question is once the qos is applied at the switch port, is everything just grand and my qos will work or does it have to be applied elsewhere.
  Thank you.
  Dallas

  It has to be applied all throughout your network. Ie Core switch, access layer, uplinks to voice servers/gateways and access ports to phones. If you have wireless phones, those will have to be considered as well.

• Auto QoS Voip Trust question

  Hello,
  I am a little confused on the auto qos voip trust command. I am reading that it should be used on interior switchports like trunk ports connected to another switch. I guess my question is this: If the auto qos voip command tells the switchport to trust the incoming CoS values, then isnt it redundant to tell the port to "trust" the incoming CoS value when the auto qos voip command is already accomplishing this? Or does this have something to do with trusting DSCP values instead of CoS values? If so, why are we trusting DSCP values at the uplinks and not CoS values coming from the IP Phone? Im so confused. Thanks for any light you can shed on this topic.
  Chris.

  Chris
  Yes, the trust value used for "auto qos voip trust" depends on the operation of the port as you say.
  And yes when you use the "cisco-phone" option it will trust the values but as you say only if it detects a Cisco IP phone and it does this by using CDP. 
  What is not entirely clear, at least to me, is exactly which markings the "cisco-phone" option trusts. There seems to be conflicting information but the configuration guide talk about DSCP markings so it may be those but i can't say for sure as i have limited experience in that area.
  Jon

• URGENT! Setting QoS DSCP value on switches

  Hi,
  I desperately need replies to my problem below.
  I tried to set DSCP values to 2 applications, video and video conference, on cisco 3560 and cisco 2950 swtiches based on the source ip address of the servers.
  So on the switches, I created an access-list to identify the servers' ip addresses.
  Then I use "class-map match-any video" followed by "match access-group" for the access-list.
  Then I use "policy-map policy1", then "class video" then "set dscp ef".
  Finally I apply the policy to the INPUTS of all ports "service-policy input policy1"
  But when I use a sniffer to sniff the ports, I see that the DSCP value is not "EF", instead it is "0x20, class 4".
  Why is this so?
  Where have I done wrongly?
  Finally, on routers, where do I apply QOS policy? On input ports or output ports of routers?
  I urgently need help.
  Thank you.
  Regards,
  Rachel

  Rachel,
  Without seeing what you have in place so far, I'll see if I can answer some of those questions. If the switch connects to a router, then the outbound (egress) interface would in fact be that interface on the switch that connects to a router. Best practices dictate that the classification and marking should be done on the inbound (ingress) interface which connects the switch to the network where the host resides.
  If you wanted to implement an end-to-end QoS solution, then you should configure QoS on every interface between the source and destination. This is because even FastE/GigE ports can become congested due to worm outbreak or DOS attack. But if all you want to do right now is guarantee bandwidth to the video traffic across the WAN, that can be accomplished by a) classifying and marking the video traffic as close to the source as possible, and b) configuring queuing/scheduling on the outbound WAN interface based on those markings.
  Once the switch has marked the traffic with a DSCP value per (a), that DSCP value should remain intact until it reaches the WAN router per (b), and all the way until it reaches its destination. That is, unless there is a device somewhere in between that is remarking traffic. If the switch you reference is not directly connected to the router you reference, there could be another switch or router in between marking everything back to DSCP 0, meaning that all traffic is untrusted.
  I don't have a 2950 here with me, but without checking syntax this is basically what you should have, if you just want to mark video traffic EF and then guarantee bandwidth on the wan:
  2950:
  access-list permit
  class-map match-any VIDEO
  match access-group
  policy-map POLICY1
  class VIDEO
  set ip dscp 46 !
  interface
  service-policy input POLICY1
  Router:
  class-map match-any EF_VIDEO
  match ip dscp 46
  policy-map VIDEO_OUT
  class EF_VIDEO
  priority 1600
  interface
  service-policy output VIDEO_OUT
  If you are sniffing traffic on that switch to ensure that video traffic is being marked, make sure that you are sniffing the outbound interface toward the router, not the inbound interface from the host. That will ensure that your sniffer trace picks up the traffic after it has been marked DSCP 46.
  Just in case this post is related to your post where you want to lock the router WAN interface so that the 1.6 megs of video gets through but other traffic is dropped when the video takes the full 1.6 megs of bandwidth...
  QoS queuing/scheduling only kicks in when the interface experiences congestion. If there is no congestion on the interface, traffic will still be marked and policed per the service policy, but not queued/scheduled - it will just fly right through the interface with the new markings. The only way to force such congestion at 1.6 megs is to use traffic shaping. You would need to shape the entire interface down to 1.6 megs, and THEN apply the priority bandwidth. This can be accomplished with a hierarchical policy-map as follows:
  Router:
  class-map match-any EF_VIDEO
  match ip dscp 46
  policy-map VIDEO_OUT
  class EF_VIDEO
  priority 1600
  policy-map SHAPE_OUT
  class class-default
  shape average 1600000
  service-policy VIDEO_OUT
  interface
  service-policy output SHAPE_OUT
  I really hope I am helping you out here, please let me know how this works out. Good luck!
  Best Regards
  Robert

• Question about "Auto Qos Voip Trust" on 3560X

  Hi,
  I applied command "auto qos voip trust" to the uplink interface.
  But I found that the interface shown command "auto qos trust" was applied when i show running-config.
  Could the command "auto qos voip trust" show in the configuration after i applied?
  If not, how can i check the interface that applied "auto qos voip trust"? Thanks!
  James Lai

  No.
  After i aplied "auto qos voip trust" to the interface Gi1/1
  When i show running-config, that shown asa below:
  interface GigabitEthernet1/1
  srr-queue bandwidth share 1 30 35 5
  priority-queue out
  mls qos trust cos
  auto qos trust
  I found that the interface configured as auto qos trust but not auto qos voip trust.
  Is the command "auto qos voip trust" no applied to the interface Gi1/1?
  How can i apply auto qos voip trust to the interface? Thanks!

• Auto qos voip trust is not supprting my cisco router1800

  Please some one help me..
  when i am applying 
  Router(config)# interface FastEthernet0/0
  Router(config-if)# auto qos voip trust
  it is giving this message 
  % Invalid input detected at '^' marker.
  thats mean i can't apply auto qos voip trust  command .. why is it so ?? 

  Hello.
  auto qos requires smart L2 interfaces.
  In your case, I assume, it's the L3 interface.

• 2960-X and Auto QoS

  Looking for instructions on configuring Auto QoS on a 2960-X switch.
  Any help would be appreciated.
  Dan

  Looking for instructions on configuring Auto QoS on a 2960-X switch.
  Any help would be appreciated.
  Dan