Dot1q-tunnel cos mapping

Is it possible to map the cos from a tagged frame into the metro tag cos field when it enters a dot1q-tunnel port?
The only option I see to set cos on a dot1q-tunnel port is to statically configure a value using the <mls qos cos <value> > commmand, this is with the 3750.
Thanks

It all depends on the hardware.
For example 3750 Metro support copying inner CoS value to the outer tag. It is also supported by 4500s with SUPV-10GE.
Also this functionality is possible with ES20 cards in 7600.
Overall there is not much hardware that support it. The functionality you are looking for is called "ntelligent IEEE 802.1Q tunneling QoS"
http://www.cisco.com/en/US/docs/switches/metro/catalyst3750m/software/release/12.2_25_seg_seg1/configuration/guide/swtunnel.html#wp1010491

Similar Messages

  • "trust cos" on dot1q-tunnel interface

    Hello,
    we've MAN based on Cat 6500 and Cat 3750, we're using QinQ as one of our backbone technologies.
    We need to implement "trust cos" on QinQ port for one of our customers (= rewrite CoS bits from the internal 802.1q header (coming from customer) to the external 802.1q header). Do you have some idea how to deal with it ?
    We've done several experiments, but we haven't found any solution except CoS-to-CoS map, which is "Cat 6500 only" and "per-group-of-ports" feature. We need to implement it per port (only for this cusomer).
    We're looking for this because customer is using MPLS and we need to "trust QoS" as it is set by the customer. Customer is able to set
    - DSCP in IP header
    - MPLS exp. bits
    - CoS in dot1q header.
    Have you ever come accross something like this?
    Have you found any solution?
    Thanks
    Jan Klicka, SITMP

    It's difficult for Cisco Cat 6500.Why don't you consider products from other vendors?

  • Dot1q-tunnel rejection

    Hello,
    I am trying to setup a dot1q-tunnel on a Catalyst 6506 running IOS 12.2 and am running into trouble. I have followed everything in the manual and from other's examples, but I continually get the error:
    Command rejected: Gi1/1 doesn't support 802.1q tunneling.
    To get there I have done:
    Router(config)#vlan dot1q tag native
    Router(config)#interface range gig 1/1-48
    Router(config-if-range)#spanning-tree bpdufilter enable
    Router(config-if-range)#spanning-tree portfast
    Router(config-if-range)#switchport mode dot1q-tunnel
    and it says command rejected for all 48 ports.
    If anyone has any insight it would be greatly appreciated. Thank you for your time

    if you can't make tunnel with dot1q, check the capability of the module using follow command..
    [example]
    Swith#show interfaces gigabitEthernet 0/1 capabilities
    GigabitEthernet0/1
    Model: WS-C3550-24
    Type: unknown
    Speed: 1000
    Duplex: full
    Trunk encap. type: 802.1Q,ISL <<<--- capability
    Trunk mode: on,off,desirable,nonegotiate
    Channel: yes
    Broadcast suppression: percentage(0-100)
    Flowcontrol: rx-(off,on,desired),tx-(off,on,desired)
    Fast Start: yes
    QOS scheduling: rx-(1q0t),tx-(4q2t),tx-(1p3q2t)
    CoS rewrite: yes
    ToS rewrite: yes
    UDLD: yes
    Inline power: no
    SPAN: source/destination
    PortSecure: yes
    Dot1x: yes

  • Dot1q tunneling and security

    Hi,
    I don't understand how to make to improve the security of dot1q tunneling. If the client makes some errors by example by disabling the spanning-tree on a vlan and he creates a loop between differents sites (L2VPN). What are the safety standards for Q-in-Q to protect the provider ?
    Thank you for your help.
    Regards.
    David

    It depends upon which switch you are using , If you are using a L3 capable switch , routing can be done on the switch it self , or if its a pure L2 switch you may have to create VLANs and route using sub-interfaces in the routers.Use these links for more details.
    http://cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a00801cdf50.html#1008908
    http://cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a0080161137.html

  • Dot1q-tunneling and native frames ( untagged )

    hi all I have the following setup:
    tunnel Port:
    interface GigabitEthernet1/0/2
    switchport access vlan 784
    switchport mode dot1q-tunnel
    switchport nonegotiate
    l2protocol-tunnel cdp
    l2protocol-tunnel stp
    l2protocol-tunnel vtp
    no cdp enable
    spanning-tree portfast
    Trunk Port - Into Carrier Network
    interface GigabitEthernet1/0/25
    switchport trunk encapsulation dot1q
    switchport trunk native vlan 4094
    switchport mode trunk
    switchport nonegotiate
    load-interval 30
    speed nonegotiate
    spanning-tree bpdufilter enable
    the Native Port on the tunnel interface = 1 and native vlan tagging is enabled on the switch.
    what happens to untagged frames that hit the tunnel port from the customer? Imagine that they dont have their port as a trunk and are instead emitting untagged frames?
    are these dropped or simply have a single Q-tag pushed and are then tunnelled through the carrier network?
    I have followed the recommendation of making the trunk port have a native vlan that is not the native vlan of any of the tunnel ports.
    thanks

    Normally double-tag traffic is seen as NON-IP traffic by metro devices, since they cannot see beyond first tag.
    Untagged customer traffic will behave like IP traffic in metro network, since it will have only one tag.
    You can use a trick - create an IP access list on trunk port with "deny ip any any" - basically denying all IP traffic. That should stop all traffic that was not tagged by the customer. Ofcourse that will disable your management - so you need to plan this.
    If more than one customer is using same S-VLAN, and one customer has e.g. VLAN 3 untagged, and other one has VLAN 5 untagged, their VLANs will be interconnected.

  • EXP-COS mapping on 3750M

    Hi,
    I am using 3750 as a L2 switch in between MPLS PE and MPLS P router. The ports (on 3750M) connecting to MPLS devices are just L2 ports no IP or no LDP. I want to know if I can configure QOS on L2 ports of 3750. Can I map MPLS EXP to COS on switch?
    regards,
    Gaurav

    Hi,
    You will not be able to do this, as the switches look at the layer 2 or 3 cos markings, whilst the MPLS exp value is at layer 2.5, between the IP and MAC layers.
    But if the MPLS exp value has been set from that of the IP precedence/DSCP from the CE packet, aka uniform mode MPLS QOS, then you can just use your cos maps to match the ip dscp/precendence to cos etc.
    HTH
    LR

  • Dot1Q tunneling and routing

    I am in the process of designing a dot1q-tunnel-based service backbone. Basically client switches will uplink with tunnelled ports on the provider backbone.
    Cl-SW1 |----|P-SW1|----|P-SW2|-----|Cl-SW2|
    Assume that the CL-SW1 is at the headquarters of the client and some traffic from the client should be sent off-premisess (Internet for example) using the same link (Gig Ethernet).
    What are my options?
    P-SW1 and P-SW2 will not be able to see layer 3 information from the client switches since traffic is layer2-tunnelled. How can I route traffic off the backbone?
    I thought about trunking a single port on P-SW1 and connecting it to a router. On the router sub-interfaces will do the job. But the problem is that trunked traffic will reach the router encapsulated with dot1q tunneling? Does a 7600 series router do the job, since it understands tunneling?
    Any ideas will be appreciated.

    It depends upon which switch you are using , If you are using a L3 capable switch , routing can be done on the switch it self , or if its a pure L2 switch you may have to create VLANs and route using sub-interfaces in the routers.Use these links for more details.
    http://cisco.com/en/US/products/hw/switches/ps646/products_configuration_guide_chapter09186a00801cdf50.html#1008908
    http://cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a0080161137.html

  • MVR over DOT1Q-TUNNEL

    Is it possible to use MVR for delivering multicast to customers over dot1q-tunnel interface ?
    Can QinQ and MVR work together ?

    I think the muticast vlan registration shortly termed MVR is not supported in dot1Q tunnelling interface.Because, there is a criteria for configuring MVR.That is, while configuring MVR, receiver ports cannot be trunk ports. Since, do11q is a trunking protocol,I believe MVR can't be transmitted over trunk port, and hence over dot1q tunnel interface.For detailed info on this mvr,
    refer to the configuration guidelines sections of mvr at:
    http://www.cisco.com/en/US/products/hw/switches/ps628/products_configuration_guide_chapter09186a008007e8d9.html#xtocid14

  • Me3400 mep on dot1q-tunnel interface

    Hi
    Just wanted to get someone to give me some quick pointers on the following task:
    I have an me3400 with fa0/1 as a UNI.
    also I have Gig0/1 as NNI.
    I have set the commands on the switch as
    ethernet cfm ieee
    ethernet cfm global
    ethernet cfm domain testnet level 4
    ethernet evc cust1
       oam protocol cfm svlan 10 domain testnet
    interface FastEthernet0/1
      switchport access vlan 10
      switchport mode dot1q-tunnel
      speed 100
      duplex full
      l2protocol-tunnel cdp
      l2protocol-tunnel lldp
      l2protocol-tunnel stp
      l2protocol-tunnel vtp
    interface GigabitEthernet0/1
      port-type nni
      switchport mode trunk
      ethernet cfm mip level 4 vlan 10
    so this is the minimal functionality that I am after.
    What else do I need to do to link the fa0/1 port to the EVC and enable an UP MEP and CC on it?
    the end goal initially is to propagate link loss when the UNI is disconnected so that the remote me3400 brings down its UNI.
    any help please.

    It's difficult for Cisco Cat 6500.Why don't you consider products from other vendors?

  • Dot1q tunnel VPLS support

    Hello Guys,
    I am configuring a dot1q tunnel VPLS since it suited our need for the client's requirements. To my surprise the 48 port tx we are using on our 7600 doesn't support this
    7609-PPE1(config-if)#switchport mode dot1q-tunnel
    Command rejected: Gi2/4 doesn't support 802.1q tunneling.
    IOS is s72033-pk9sv-mz.122-18.SXD5.bin
    Hardware is 48 SFM-capable 48 port 10/100/1000mb RJ45 WS-X6548-GE-TX
    For me to establish a good VPLS in dot1q (dot1q in dot1q) multipoint connection, what hardware with port density is available for this one?
    I didn't have any problem with OSM modules, but we have to be practical with the port density.
    Your insights will be greatly appreciated.
    Thanks.

    For vpls to work the core facing should be a osm module.Configure IP routing in the core so that the PE routers can reach each other via IP. Configure MPLS in the core so that a label switched path (LSP) exists between the PE routers.For more info refer
    http://www.cisco.com/en/US/products/hw/routers/ps368/products_configuration_guide_chapter09186a00801e5c06.html#wp1338115.

  • Dot1q tunnel

    Hi guys.
    I'm trying to setup a dot1q tunnel on a 3560X, but the option does not seem available.
    SW02#conf t
    Enter configuration commands, one per line.  End with CNTL/Z.
    SW02(config)#int gig 0/1
    SW02(config-if)#sw mode ?
      access   Set trunking mode to ACCESS unconditionally
      dynamic  Set trunking mode to dynamically negotiate access or trunk mode
      trunk    Set trunking mode to TRUNK unconditionally
    SW02(config-if)#sw mode
    I'm sure I have seen this command visible previously so it could be configuration or VTP related, but obviously am now doubting myself.
    For reference the IOS version is;
    c3560e-universalk9-mz.122-55.SE5/c3560e-universalk9-mz.122-55.SE5.bin
    Its not an advipservices feature is it?
    Thanks for your help.
    Mike

    Hi Mike,
    according to the Configuration Guide, 802.1Q protocol tunneling is not supported on switches running the LAN base feature set.
    Do you have at least an IP Base license activated (show license detail)?
    Cisco Catalyst 3560-X Series Switches - Cisco IOS Software Packaging and Licensing White Paper
    HTH
    Rolf

  • ASR 9010 switchport mode dot1q-tunnel QinQ Access

    Is there an IOS-XR ASR equivalent for a QinQ edge access port? On IOS the interface config would be:
    int fa 1/1
    switchport
    switchport mode dot1q-tunnel
    switchport access vlan 100

    Do you have ASR on both sides? If you do, VFI will work for you, lets say:
    CE------G1/1/1/1(1.1.1.1- PE1)---------------------(PE - 2.2.2.2) G2/2/2/2--------- CE
    On PE1:
    interface g1/1/1/1
    l2transport
    no shut
    l2vpn
    bridge group PE1
    bridge-domain CE1
    interface g1/1/1/1
    vfi CE1
    neighbor 2.2.2.2 pw-id 100
    On PE2:
    interface g2/2/2/2
    l2transport
    no shut
    l2vpn
    bridge group PE2
    bridge-domain CE2
    interface g2/2/2/2
    vfi CE2
    neighbor 1.1.1.1 pw-id 100

  • QoS (CoS) and Q-in-Q (dot1q-tunnel)

    Hi,
    I am looking for a document which describes the procedures and connections between QoS and Q-in-Q. Something like "NAT order of operation".
    Points I am interested in are for example:
    - Which CoS value is set in the outer VLAN tag?
    - Which VLAN tag does 'mls qos trust cos' trust?
    - Would the CoS value of the inner VLAN tag be inherited/passed to the outer VLAN tag?
    I am mainly using Cat3560 and Cat3750 with IOS 12.2(25)SED1 IP-Base.
    kind regards
    Mark

    Policing function determines if the traffic level is within the specified profile (contract). Policing function allows either dropping out-of-profile traffic or marking the traffic down to a different Differential Services Code Point (DSCP) value to enforce contracted service level. DSCP is a measure of the Quality of Service (QoS) level of the packet. Along with DSCP, IP precedence and Class of Service (CoS) are also used to convey the QoS level of the packet
    http://www.cisco.com/warp/public/473/134.html

  • DSCP to CoS mapping: Avaya traffic

    It appears that Avaya marks its voice traffic as follows:
    L2 signaling cos 6 L3 signaling dscp 34
    L2 audio cod 6 L3 audio dscp 46
    Has anyone interacted with theses settings and what are the right mappings for 6500 series Modules?
    I am about to use the following:
    #mls qos map dscp-cos 34 46 to 6
    #mls qos map dscp-cos 48 to 5 "move IP control to cos 5)
    #mls qos map cos-dscp 0 8 16 24 32 46 48 56 leave cos to dscp unchanged.
    Finally use: #mls qos thrust dscp on input interfaces.
    Can anyone clarify?
    Thanks.

    The 6608 and 6624 internal port is treated as trust-cos to the Catalyst 6000. So the default COS-to-DSCP mapping of the cards will determine the DSCP values with which the IP packets are marked unless they are changed in the switch.
    The 6608 and 6624 will tag packets as follows:
    COS = 5 for rtp traffic
    COS = 3 for signalling traffic
    By default on the Catalyst 6000, these COS values map in IP packets to DSCP 24 (COS = 3) and 40 (COS = 5) as shown in the table below.
    Generally, the recommended DSCP values to use in a VoIP network differ slightly. They are:
    DSCP = 46 for rtp traffic (Recommended Expedited Forwarding (EF) value)
    COS = 26 for signalling traffic (AF31)
    It may be necessary to change the default COS-DSCP mapping on the Catalyst 6000 so that the DSCP markings in packets generated by the 6608 and 6624 cards conform to the network policy. For example, if other devices in the network are marking packets with the recommended values.
    Information on how to change the default COS-DSCP mapping is provided in the Mapping Received CoS Values to Internal DSCP Values section of Catalyst 6000 Family Software Configuration Guide.

  • DSCP and CoS mapping to use uAPSD

    Hi CISCO experts, I'm trying to map some traffic to a DSCP and CoS priority. The fact is that doesn't work.
    Steps:
    1.Set personal filter (myfilter)to forward from specific IP.
    2.Set QoS policy: my_policy --> myfilter-CoS (4).
    3. Add policy to 802.11g.
    When I look up the IP traces DSCP is allways 0x00 (Best Efford).
    If I map DSCP (best efford) to DSCP (vocie) doesnt work either.
    What can I do? Im trying to emulate AC_VO or AC_VE so I can force the uAPSD protocol to work.
    Best regards

    Are you using a Cisco WLAN controller or autonomous AP?
    You would need to ensure that the RTP (voice) packets to the AP has DSCP = EF.
    There is an auto policy in the WLAN controller to map EF to UP6.
    For autonomous, will need to create a QoS policy to do this.
    But you do not want to map DSCP = 0 to UP6!
    This defeats the purpose.
    Will only want RTP packets to be marked as EF.
    See the WLAN SRND and 7921G Deployment Guides for more info.
    http://www.cisco.com/application/pdf/en/us/guest/netsol/ns279/c649/ccmigration_09186a00808d9330.pdf
    http://www.cisco.com/en/US/docs/voice_ip_comm/cuipph/7921g/5_0/english/install/guide/7921dply.pdf

Maybe you are looking for

  • Java in JSP page can't find local file

    Hi. I am very new to JSP development. I am having a strange issue. When I try to access a file within the same directory as my JSP file I get a FileNotFoundException thrown. Although, I can link the file using HTML so I know it is there in the proper

  • MB03 Vendor Batch is not appear

    Hi, I just perform MIGO 101 of Purchase order. I enter vendor batch number ABC123. After save, I go to MB03, I cannot find my Vendor batch number that I have entered just now. Please suggest me where should I configure to display the vendor batch in

  • CSS Troubleshooting "advanced-balance url" based on string-range

    Hi together, a questions for troubleshooting "string range stickyness". I configured a content rule: content L5_HTTP_81 vip address 192.168.1.1 balance aca no persistent protocol tcp port 81 url "/*" advanced-balance url add service service1 weight 1

  • Can someone help with a networking problem?

    Here's a situation I need some help with: I live in a semi-detached house. My neighbour has broadband, I don't. The phone company (BT) has said it would cost too much to install another line to enable me to have broadband, and would involve digging u

  • Dreamweaver CS4 crashing at start up on mac

    Dreamweaver CS4 crashing at start up on mac. I have a macbook pro with 10.4.11. Just installed CS4 design premium and dreamweaver crashes when I try to launch. What's the fix?