Dot1q-tunnel cos mapping
Is it possible to map the cos from a tagged frame into the metro tag cos field when it enters a dot1q-tunnel port?
The only option I see to set cos on a dot1q-tunnel port is to statically configure a value using the <mls qos cos <value> > commmand, this is with the 3750.
Thanks
It all depends on the hardware.
For example 3750 Metro support copying inner CoS value to the outer tag. It is also supported by 4500s with SUPV-10GE.
Also this functionality is possible with ES20 cards in 7600.
Overall there is not much hardware that support it. The functionality you are looking for is called "ntelligent IEEE 802.1Q tunneling QoS"
http://www.cisco.com/en/US/docs/switches/metro/catalyst3750m/software/release/12.2_25_seg_seg1/configuration/guide/swtunnel.html#wp1010491
Similar Messages
-
"trust cos" on dot1q-tunnel interface
Hello,
we've MAN based on Cat 6500 and Cat 3750, we're using QinQ as one of our backbone technologies.
We need to implement "trust cos" on QinQ port for one of our customers (= rewrite CoS bits from the internal 802.1q header (coming from customer) to the external 802.1q header). Do you have some idea how to deal with it ?
We've done several experiments, but we haven't found any solution except CoS-to-CoS map, which is "Cat 6500 only" and "per-group-of-ports" feature. We need to implement it per port (only for this cusomer).
We're looking for this because customer is using MPLS and we need to "trust QoS" as it is set by the customer. Customer is able to set
- DSCP in IP header
- MPLS exp. bits
- CoS in dot1q header.
Have you ever come accross something like this?
Have you found any solution?
Thanks
Jan Klicka, SITMPIt's difficult for Cisco Cat 6500.Why don't you consider products from other vendors?
-
Hello,
I am trying to setup a dot1q-tunnel on a Catalyst 6506 running IOS 12.2 and am running into trouble. I have followed everything in the manual and from other's examples, but I continually get the error:
Command rejected: Gi1/1 doesn't support 802.1q tunneling.
To get there I have done:
Router(config)#vlan dot1q tag native
Router(config)#interface range gig 1/1-48
Router(config-if-range)#spanning-tree bpdufilter enable
Router(config-if-range)#spanning-tree portfast
Router(config-if-range)#switchport mode dot1q-tunnel
and it says command rejected for all 48 ports.
If anyone has any insight it would be greatly appreciated. Thank you for your timeif you can't make tunnel with dot1q, check the capability of the module using follow command..
[example]
Swith#show interfaces gigabitEthernet 0/1 capabilities
GigabitEthernet0/1
Model: WS-C3550-24
Type: unknown
Speed: 1000
Duplex: full
Trunk encap. type: 802.1Q,ISL <<<--- capability
Trunk mode: on,off,desirable,nonegotiate
Channel: yes
Broadcast suppression: percentage(0-100)
Flowcontrol: rx-(off,on,desired),tx-(off,on,desired)
Fast Start: yes
QOS scheduling: rx-(1q0t),tx-(4q2t),tx-(1p3q2t)
CoS rewrite: yes
ToS rewrite: yes
UDLD: yes
Inline power: no
SPAN: source/destination
PortSecure: yes
Dot1x: yes -
Hi,
I don't understand how to make to improve the security of dot1q tunneling. If the client makes some errors by example by disabling the spanning-tree on a vlan and he creates a loop between differents sites (L2VPN). What are the safety standards for Q-in-Q to protect the provider ?
Thank you for your help.
Regards.
DavidIt depends upon which switch you are using , If you are using a L3 capable switch , routing can be done on the switch it self , or if its a pure L2 switch you may have to create VLANs and route using sub-interfaces in the routers.Use these links for more details.
http://cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a00801cdf50.html#1008908
http://cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a0080161137.html -
Dot1q-tunneling and native frames ( untagged )
hi all I have the following setup:
tunnel Port:
interface GigabitEthernet1/0/2
switchport access vlan 784
switchport mode dot1q-tunnel
switchport nonegotiate
l2protocol-tunnel cdp
l2protocol-tunnel stp
l2protocol-tunnel vtp
no cdp enable
spanning-tree portfast
Trunk Port - Into Carrier Network
interface GigabitEthernet1/0/25
switchport trunk encapsulation dot1q
switchport trunk native vlan 4094
switchport mode trunk
switchport nonegotiate
load-interval 30
speed nonegotiate
spanning-tree bpdufilter enable
the Native Port on the tunnel interface = 1 and native vlan tagging is enabled on the switch.
what happens to untagged frames that hit the tunnel port from the customer? Imagine that they dont have their port as a trunk and are instead emitting untagged frames?
are these dropped or simply have a single Q-tag pushed and are then tunnelled through the carrier network?
I have followed the recommendation of making the trunk port have a native vlan that is not the native vlan of any of the tunnel ports.
thanksNormally double-tag traffic is seen as NON-IP traffic by metro devices, since they cannot see beyond first tag.
Untagged customer traffic will behave like IP traffic in metro network, since it will have only one tag.
You can use a trick - create an IP access list on trunk port with "deny ip any any" - basically denying all IP traffic. That should stop all traffic that was not tagged by the customer. Ofcourse that will disable your management - so you need to plan this.
If more than one customer is using same S-VLAN, and one customer has e.g. VLAN 3 untagged, and other one has VLAN 5 untagged, their VLANs will be interconnected. -
Hi,
I am using 3750 as a L2 switch in between MPLS PE and MPLS P router. The ports (on 3750M) connecting to MPLS devices are just L2 ports no IP or no LDP. I want to know if I can configure QOS on L2 ports of 3750. Can I map MPLS EXP to COS on switch?
regards,
GauravHi,
You will not be able to do this, as the switches look at the layer 2 or 3 cos markings, whilst the MPLS exp value is at layer 2.5, between the IP and MAC layers.
But if the MPLS exp value has been set from that of the IP precedence/DSCP from the CE packet, aka uniform mode MPLS QOS, then you can just use your cos maps to match the ip dscp/precendence to cos etc.
HTH
LR -
I am in the process of designing a dot1q-tunnel-based service backbone. Basically client switches will uplink with tunnelled ports on the provider backbone.
Cl-SW1 |----|P-SW1|----|P-SW2|-----|Cl-SW2|
Assume that the CL-SW1 is at the headquarters of the client and some traffic from the client should be sent off-premisess (Internet for example) using the same link (Gig Ethernet).
What are my options?
P-SW1 and P-SW2 will not be able to see layer 3 information from the client switches since traffic is layer2-tunnelled. How can I route traffic off the backbone?
I thought about trunking a single port on P-SW1 and connecting it to a router. On the router sub-interfaces will do the job. But the problem is that trunked traffic will reach the router encapsulated with dot1q tunneling? Does a 7600 series router do the job, since it understands tunneling?
Any ideas will be appreciated.It depends upon which switch you are using , If you are using a L3 capable switch , routing can be done on the switch it self , or if its a pure L2 switch you may have to create VLANs and route using sub-interfaces in the routers.Use these links for more details.
http://cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a00801cdf50.html#1008908
http://cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a0080161137.html -
Is it possible to use MVR for delivering multicast to customers over dot1q-tunnel interface ?
Can QinQ and MVR work together ?I think the muticast vlan registration shortly termed MVR is not supported in dot1Q tunnelling interface.Because, there is a criteria for configuring MVR.That is, while configuring MVR, receiver ports cannot be trunk ports. Since, do11q is a trunking protocol,I believe MVR can't be transmitted over trunk port, and hence over dot1q tunnel interface.For detailed info on this mvr,
refer to the configuration guidelines sections of mvr at:
http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a008007e8d9.html#xtocid14 -
Me3400 mep on dot1q-tunnel interface
Hi
Just wanted to get someone to give me some quick pointers on the following task:
I have an me3400 with fa0/1 as a UNI.
also I have Gig0/1 as NNI.
I have set the commands on the switch as
ethernet cfm ieee
ethernet cfm global
ethernet cfm domain testnet level 4
ethernet evc cust1
oam protocol cfm svlan 10 domain testnet
interface FastEthernet0/1
switchport access vlan 10
switchport mode dot1q-tunnel
speed 100
duplex full
l2protocol-tunnel cdp
l2protocol-tunnel lldp
l2protocol-tunnel stp
l2protocol-tunnel vtp
interface GigabitEthernet0/1
port-type nni
switchport mode trunk
ethernet cfm mip level 4 vlan 10
so this is the minimal functionality that I am after.
What else do I need to do to link the fa0/1 port to the EVC and enable an UP MEP and CC on it?
the end goal initially is to propagate link loss when the UNI is disconnected so that the remote me3400 brings down its UNI.
any help please.It's difficult for Cisco Cat 6500.Why don't you consider products from other vendors?
-
Hello Guys,
I am configuring a dot1q tunnel VPLS since it suited our need for the client's requirements. To my surprise the 48 port tx we are using on our 7600 doesn't support this
7609-PPE1(config-if)#switchport mode dot1q-tunnel
Command rejected: Gi2/4 doesn't support 802.1q tunneling.
IOS is s72033-pk9sv-mz.122-18.SXD5.bin
Hardware is 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX
For me to establish a good VPLS in dot1q (dot1q in dot1q) multipoint connection, what hardware with port density is available for this one?
I didn't have any problem with OSM modules, but we have to be practical with the port density.
Your insights will be greatly appreciated.
Thanks.For vpls to work the core facing should be a osm module.Configure IP routing in the core so that the PE routers can reach each other via IP. Configure MPLS in the core so that a label switched path (LSP) exists between the PE routers.For more info refer
http://www.cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a00801e5c06.html#wp1338115. -
Hi guys.
I'm trying to setup a dot1q tunnel on a 3560X, but the option does not seem available.
SW02#conf t
Enter configuration commands, one per line. End with CNTL/Z.
SW02(config)#int gig 0/1
SW02(config-if)#sw mode ?
access Set trunking mode to ACCESS unconditionally
dynamic Set trunking mode to dynamically negotiate access or trunk mode
trunk Set trunking mode to TRUNK unconditionally
SW02(config-if)#sw mode
I'm sure I have seen this command visible previously so it could be configuration or VTP related, but obviously am now doubting myself.
For reference the IOS version is;
c3560e-universalk9-mz.122-55.SE5/c3560e-universalk9-mz.122-55.SE5.bin
Its not an advipservices feature is it?
Thanks for your help.
MikeHi Mike,
according to the Configuration Guide, 802.1Q protocol tunneling is not supported on switches running the LAN base feature set.
Do you have at least an IP Base license activated (show license detail)?
Cisco Catalyst 3560-X Series Switches - Cisco IOS Software Packaging and Licensing White Paper
HTH
Rolf -
ASR 9010 switchport mode dot1q-tunnel QinQ Access
Is there an IOS-XR ASR equivalent for a QinQ edge access port? On IOS the interface config would be:
int fa 1/1
switchport
switchport mode dot1q-tunnel
switchport access vlan 100Do you have ASR on both sides? If you do, VFI will work for you, lets say:
CE------G1/1/1/1(1.1.1.1- PE1)---------------------(PE - 2.2.2.2) G2/2/2/2--------- CE
On PE1:
interface g1/1/1/1
l2transport
no shut
l2vpn
bridge group PE1
bridge-domain CE1
interface g1/1/1/1
vfi CE1
neighbor 2.2.2.2 pw-id 100
On PE2:
interface g2/2/2/2
l2transport
no shut
l2vpn
bridge group PE2
bridge-domain CE2
interface g2/2/2/2
vfi CE2
neighbor 1.1.1.1 pw-id 100 -
QoS (CoS) and Q-in-Q (dot1q-tunnel)
Hi,
I am looking for a document which describes the procedures and connections between QoS and Q-in-Q. Something like "NAT order of operation".
Points I am interested in are for example:
- Which CoS value is set in the outer VLAN tag?
- Which VLAN tag does 'mls qos trust cos' trust?
- Would the CoS value of the inner VLAN tag be inherited/passed to the outer VLAN tag?
I am mainly using Cat3560 and Cat3750 with IOS 12.2(25)SED1 IP-Base.
kind regards
MarkPolicing function determines if the traffic level is within the specified profile (contract). Policing function allows either dropping out-of-profile traffic or marking the traffic down to a different Differential Services Code Point (DSCP) value to enforce contracted service level. DSCP is a measure of the Quality of Service (QoS) level of the packet. Along with DSCP, IP precedence and Class of Service (CoS) are also used to convey the QoS level of the packet
http://www.cisco.com/warp/public/473/134.html -
DSCP to CoS mapping: Avaya traffic
It appears that Avaya marks its voice traffic as follows:
L2 signaling cos 6 L3 signaling dscp 34
L2 audio cod 6 L3 audio dscp 46
Has anyone interacted with theses settings and what are the right mappings for 6500 series Modules?
I am about to use the following:
#mls qos map dscp-cos 34 46 to 6
#mls qos map dscp-cos 48 to 5 "move IP control to cos 5)
#mls qos map cos-dscp 0 8 16 24 32 46 48 56 leave cos to dscp unchanged.
Finally use: #mls qos thrust dscp on input interfaces.
Can anyone clarify?
Thanks.The 6608 and 6624 internal port is treated as trust-cos to the Catalyst 6000. So the default COS-to-DSCP mapping of the cards will determine the DSCP values with which the IP packets are marked unless they are changed in the switch.
The 6608 and 6624 will tag packets as follows:
COS = 5 for rtp traffic
COS = 3 for signalling traffic
By default on the Catalyst 6000, these COS values map in IP packets to DSCP 24 (COS = 3) and 40 (COS = 5) as shown in the table below.
Generally, the recommended DSCP values to use in a VoIP network differ slightly. They are:
DSCP = 46 for rtp traffic (Recommended Expedited Forwarding (EF) value)
COS = 26 for signalling traffic (AF31)
It may be necessary to change the default COS-DSCP mapping on the Catalyst 6000 so that the DSCP markings in packets generated by the 6608 and 6624 cards conform to the network policy. For example, if other devices in the network are marking packets with the recommended values.
Information on how to change the default COS-DSCP mapping is provided in the Mapping Received CoS Values to Internal DSCP Values section of Catalyst 6000 Family Software Configuration Guide. -
DSCP and CoS mapping to use uAPSD
Hi CISCO experts, I'm trying to map some traffic to a DSCP and CoS priority. The fact is that doesn't work.
Steps:
1.Set personal filter (myfilter)to forward from specific IP.
2.Set QoS policy: my_policy --> myfilter-CoS (4).
3. Add policy to 802.11g.
When I look up the IP traces DSCP is allways 0x00 (Best Efford).
If I map DSCP (best efford) to DSCP (vocie) doesnt work either.
What can I do? Im trying to emulate AC_VO or AC_VE so I can force the uAPSD protocol to work.
Best regardsAre you using a Cisco WLAN controller or autonomous AP?
You would need to ensure that the RTP (voice) packets to the AP has DSCP = EF.
There is an auto policy in the WLAN controller to map EF to UP6.
For autonomous, will need to create a QoS policy to do this.
But you do not want to map DSCP = 0 to UP6!
This defeats the purpose.
Will only want RTP packets to be marked as EF.
See the WLAN SRND and 7921G Deployment Guides for more info.
http://www.cisco.com/application/pdf/en/us/guest/netsol/ns279/c649/ccmigration_09186a00808d9330.pdf
http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7921g/5_0/english/install/guide/7921dply.pdf
Maybe you are looking for
-
Java in JSP page can't find local file
Hi. I am very new to JSP development. I am having a strange issue. When I try to access a file within the same directory as my JSP file I get a FileNotFoundException thrown. Although, I can link the file using HTML so I know it is there in the proper
-
MB03 Vendor Batch is not appear
Hi, I just perform MIGO 101 of Purchase order. I enter vendor batch number ABC123. After save, I go to MB03, I cannot find my Vendor batch number that I have entered just now. Please suggest me where should I configure to display the vendor batch in
-
CSS Troubleshooting "advanced-balance url" based on string-range
Hi together, a questions for troubleshooting "string range stickyness". I configured a content rule: content L5_HTTP_81 vip address 192.168.1.1 balance aca no persistent protocol tcp port 81 url "/*" advanced-balance url add service service1 weight 1
-
Can someone help with a networking problem?
Here's a situation I need some help with: I live in a semi-detached house. My neighbour has broadband, I don't. The phone company (BT) has said it would cost too much to install another line to enable me to have broadband, and would involve digging u
-
Dreamweaver CS4 crashing at start up on mac
Dreamweaver CS4 crashing at start up on mac. I have a macbook pro with 10.4.11. Just installed CS4 design premium and dreamweaver crashes when I try to launch. What's the fix?