Mls qos VS mls qos trust
Hello world!
I want to enable qos on a 3560 switch,
So, I put:
Overall setup mode "mls qos"
Question:
is what it is Verily nessaiire to interface configuration mode: "mls qos trust"?
Regards,
Disclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
Generally, on many Catalyst switches, once you enable QoS, they will erase an ingress CoS/ToS markings unless your trust it or otherwise (i.e. policy) maintain it.
I.e. the answer to your question is an "it depends"; but unless you want the markings reset to zero, the answer is probably yes (you want to trust).
Similar Messages
-
Cisco 3650 QoS design: "mls QoS" not supported
Dear colleagues,
I am currently testing a Cisco 3650 for various catalogue items. One key feature that we use on almost all our catalogue items, is Quality of Service (QoS).
On the old Cisco 3560 and 3750, we use "mls qos" and related commands. We use numbered ACLs for untrusted QoS policy that sits on the LAN / ingress port. I have raised a TAC case for this issue but is there a tool to help me convert the "mls QoS" design on the old 3560 platform to the new 3650 platform where "mls qos" is not supported?
Many thanks.Hi,
The new 3650 runs IOS-XE and the older Cisco 3560 and 3750 run IOS. So the QOS architecture on the new 3650 is different.
here is the link to the qos config for the 3650:
http://www.cisco.com/c/en/us/td/docs/switches/lan/catalyst3650/software/release/3se/qos/configuration_guide/b_qos_3se_3650_cg/b_qos_3se_3650_cg_chapter_011.html
HTH -
QoS: make switch to trust PC's DSCP marking
Hi,
As you all know, it's possible to override 802.1p/CoS field coming from PC attached to Catalyst switch.
This is accomplished in 2 (two) ways:
- either by '(config-if)# mls qos trust extend cos <value>'
- or via '(config-if)# switchport priority extend cos <value>'
But what about to make Cisco IP Phone to trust PC's DSCP marking ? Is this possible ?
P.S.
Can you also explain, why there 2 (two) flavors of CLI to allow switch to trust to PC's 802.1p marking ?
Thanks.Tobi,
the PC basically send untagged frames to the switch, these will normally be send as CoS=0.
the following link has some scenarios for you
http://www.cisco.com/en/US/partner/products/hw/switches/ps5023/products_tech_note09186a0080883f9e.shtml#cg211
I think you will find example 6 usefull -
Mls qos enabled globally and disabled for only one interface
Hello !
My switch is Cisco IOS Software, C2960X Software (C2960X-UNIVERSALK9-M), Version 15.0(2)EX5, RELEASE SOFTWARE (fc1)
I try to disabled mls qos only for one interface, but when i do it, mls qos is globally disabled. Is it possible to do it ?
XXX#show mls qos
QoS is enabled
QoS ip packet dscp rewrite is enabled
XXX#conf t
Enter configuration commands, one per line. End with CNTL/Z.
XXX(config)#interface gigabitEthernet 1/0/5
XXX(config-if)#no mls qos
XXX(config)#exit
XXX#
XXX#show mls qos
QoS is disabled
QoS ip packet dscp rewrite is enabled
Thanks in advance for your help !!
DenisHi Denis,
You cant disable the QOS on per interface on 2960 devices.
By default, QoS is disabled. When we enable QoS all ports
will be assigned to queue-set 1. We can configure up to two
different queue-sets.
Hence if you remove the qos out of the interface it would be disabled globally as well.
HTH -
Hi All,
I am having issue specifally doing QOS configuration on 6503 or 6524 or 6509 switches. I am unable to match any EF(voice) traffic for eompls(vlan based) on 6503 cisco switch. If i use any other router as 2811 or 2821 my QOS configuration works perfect but if i put 6503 as PE2 it does not work.i am using vlan based eompls.
Below is the scenario & configuration which i am having issue.
CE1(2821 router)(dot1Q)--------->PE1(2821 router)------->P(6524 switch)-------->PE2(6503 switch)------->(dot1Q)(2821 switch)CE2.
On CE1 i can match ip-precedence 5 traffic and mark that traffic to cos5 on outbound port.On PE1 i can match cos5 packet and mark with mpls exp top5 on inbound port, on outbound port i can match mpls exp 5.
On PE2(6503) i am unable to match that mpls exp5 packet on inbound port. none of the configuration worked on 6500 series switches with mls qos, ,mls qos trust dscp,mls qos trust cos etc. Although i can match cos5 traffic on CE2 on inbound interface.i can not match mpls exp 5 traffic on 6503 and all i can see traffic as default-class on 6503 switch. I tried many things and many configurations on 6503 but nothing worked.If i put 2821 router as PE2 instead of 6503 my qos configuration works. but why if i put 6503 my same qos configuration does not work?
---match means=classification or classify
Can anyone tell me how qos works on 6500 series switches or where i am having issue in my scenario.
i am using this ios on 6503: s72033-advipservicesk9_wan-mz.122-33.SXI3.bin.
below r my questions for 6503 qos:
1.do i need to use some other map tables,am i using correct map tables on 6503 as cos-dscp,dscp-cos,exp-dscp etc.
2.any other configutaion of qos needed on 6503?
3.i am unable to match anything on outbound port of 6503.
4.on 6503 i am using sup720 and PFC3BXL.any specific configuration needed for PFC3bxl.
5. 6503 not allowing me to match qos-group on inbound interface, not allowing me to set cos5 on outbound interface. not allowing me to set cos5 as an inbound interface.
CE1(2821) config:
class-map match-any EF
match ip precedence 5
class-map match-any data
match ip precedence 3
policy-map ip2mpls
class EF
set cos 5
class data
set cos 3
interface FastEthernet0/0
no ip address
duplex auto
speed auto
interface FastEthernet0/0.455
encapsulation dot1Q 455
ip address 172.16.15.1 255.255.255.252
service-policy output EF
PE1(2821) config:
mls qos map cos-dscp 0 8 16 24 32 40 48 56
class-map match-all exp_3
match mpls experimental topmost 3
class-map match-all mpls_exp
match mpls experimental topmost 5
class-map match-any cos3
match cos 3
class-map match-any LOO1
match cos 5
policy-map EF
class LOO1
set mpls experimental imposition 5
class cos3
set mpls experimental imposition 3
policy-map QOS_G_5
class mpls_exp
priority
class exp_3
bandwidth 500
interface Loopback0
ip address 3.3.3.3 255.255.255.255
interface FastEthernet0/0
ip address 192.168.23.2 255.255.255.0
ip ospf network point-to-point
duplex auto
speed auto
mpls ip
service-policy output QOS_G_5
interface FastEthernet0/1.455
encapsulation dot1Q 455
xconnect 5.5.5.5 455 encapsulation mpls
service-policy input EF
PE2(6503 qos):
R1#show module
Mod Ports Card Type Model Serial No.
1 4 CEF720 4 port 10-Gigabit Ethernet WS-X6704-10GE SAL09401U2L
2 48 CEF720 48 port 10/100/1000mb Ethernet WS-X6748-GE-TX SAL114247YN
3 16 16 port 1000mb GBIC ethernet WS-X6416-GBIC SAL0712AM69
4 24 CEF720 24 port 1000mb SFP WS-X6724-SFP SAL10019J4N
5 2 Supervisor Engine 720 (Hot) WS-SUP720-3BXL SAD102805VM
6 2 Supervisor Engine 720 (Active) WS-SUP720-BASE SAD0846060F
Mod Sub-Module Model Serial Hw Status
1 Distributed Forwarding Card WS-F6700-DFC3BXL SAD102504EF 5.3 Ok
2 Centralized Forwarding Card WS-F6700-CFC SAD111300PD 3.1 Ok
4 Centralized Forwarding Card WS-F6700-CFC SAL1004BQ2A 2.0 Ok
5 Policy Feature Card 3 WS-F6K-PFC3BXL SAD10270189 1.8 Ok
5 MSFC3 Daughterboard WS-SUP720 SAD102801G5 2.5 Ok
6 Policy Feature Card 3 WS-F6K-PFC3BXL SAL1415FE95 1.11 Ok
6 MSFC3 Daughterboard WS-SUP720 SAD08440794 2.4 Ok
R1#show mls qos maps
Normal Burst Policed-dscp map: (dscp= d1d2)
d1 : d2 0 1 2 3 4 5 6 7 8 9
0 : 01 01 02 03 04 05 06 07 08 09
1 : 10 11 12 13 14 15 16 17 18 19
2 : 20 21 22 23 24 25 26 27 28 29
3 : 30 31 32 33 34 35 36 37 38 39
4 : 40 41 42 43 44 45 01 47 48 49
5 : 50 51 52 53 54 55 56 57 58 59
6 : 60 61 62 63
Maximum Burst Policed-dscp map: (dscp= d1d2)
d1 : d2 0 1 2 3 4 5 6 7 8 9
0 : 00 01 02 03 04 05 06 07 08 09
1 : 10 11 12 13 14 15 16 17 18 19
2 : 20 21 22 23 24 25 26 27 28 29
3 : 30 31 32 33 34 35 36 37 38 39
4 : 40 41 42 43 44 45 46 47 48 49
5 : 50 51 52 53 54 55 56 57 58 59
6 : 60 61 62 63
Dscp-cos map: (dscp= d1d2)
d1 : d2 0 1 2 3 4 5 6 7 8 9
0 : 00 00 00 00 00 00 00 00 01 01
1 : 01 01 01 01 01 01 02 02 02 02
2 : 02 02 02 02 03 03 03 03 03 03
3 : 03 03 04 04 04 04 04 04 04 04
4 : 05 05 05 05 05 05 05 05 06 06
5 : 06 06 06 06 06 06 07 07 07 07
6 : 07 07 07 07
Dscp-exp map: (dscp= d1d2)
d1 : d2 0 1 2 3 4 5 6 7 8 9
0 : 00 00 00 00 00 00 00 00 01 01
1 : 01 01 01 01 01 01 02 02 02 02
2 : 02 02 02 02 03 03 03 03 03 03
3 : 03 03 04 04 04 04 04 04 04 04
4 : 05 05 05 05 05 05 05 05 06 06
5 : 06 06 06 06 06 06 07 07 07 07
6 : 07 07 07 07
Cos-dscp map:
cos: 0 1 2 3 4 5 6 7
dscp: 0 10 18 24 34 46 48 56
IpPrecedence-dscp map:
ipprec: 0 1 2 3 4 5 6 7
dscp: 0 8 16 24 32 40 48 56
Exp-dscp map:
exp: 0 1 2 3 4 5 6 7
dscp: 0 8 16 24 32 40 48 56
mls netflow interface
mls qos map cos-dscp 0 10 18 24 34 46 48 56
mls qos
class-map match-all exp_3
match mpls experimental topmost 3
class-map match-all EXP_5
match mpls experimental topmost 5
class-map match-all QOS_GROUP_5
match qos-group 5
class-map match-all prec5
match ip precedence 5
class-map match-all cos5
match cos 5
policy-map mpls2ip
class QOS_GROUP_5
set cos 5
policy-map IN_FROM_R3
class EXP_5
set qos-group 5
interface Loopback0
ip address 5.5.5.5 255.255.255.255
interface GigabitEthernet2/2
mls qos trust cos
or <------------ (tried both individually but none worked)
mls qos trust dscp
interface GigabitEthernet2/2.455
encapsulation dot1Q 455
xconnect 3.3.3.3 455 encapsulation mpls
service-policy output mpls2ip
interface GigabitEthernet2/1
ip address 192.168.34.4 255.255.255.0
ip ospf network point-to-point
mls qos trust cos
or <------------ (tried both individually but none worked)
mls qos trust dscp
mpls ip
service-policy input IN_FROM_R4
Thanks & regards,
Ahsan RasheedHi All,.
I am still having issue on 6503 or 6524 Cisco Switch.
" Can any one give me any sample of 6524 or 6503 QOS working configuration, i would be really thankful "
As i have mentioned in my prevoius post of configuration of 6503. I am unable to match mpls exp 5 packet on 6503. My qos configuration on PE1(2811 router) is working perfectly. I am unable to classify mpls ex5 or mpls exp3 on 6503 switch. Am i missing something on configuration?
PE2 config:"6503 switch"
class-map match-all mpls_exp
match mpls experimental topmost 5
policy-map EF
class mpls_exp
R!#mls qos
int Gi2/4
service-policy input EF
mls qos trust cos
dscp: 0 10 18 24 34 46 48 56
Exp-dscp map:
exp: 0 1 2 3 4 5 6 7
dscp: 0 10 18 24 34 46 48 56
Thanks,
Ahsan Rasheed -
Hi
I have this existing QOS configuration in my network.
below is the configuration which i gather from access switch and from Core switch.
Core Switch
=========
mls aging long 64
mls aging normal 32
mls netflow interface
mls flow ip interface-full
mls nde sender version 5
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos
mls cef error action reset
interface GigabitEthernet X/X/X
description To Closet Switch or Access Switch
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
wrr-queue bandwidth 5 25 40
wrr-queue queue-limit 20 25 40
wrr-queue random-detect min-threshold 1 80 100 100 100 100 100 100 100
wrr-queue random-detect min-threshold 2 80 100 100 100 100 100 100 100
wrr-queue random-detect min-threshold 3 60 70 80 90 100 100 100 100
wrr-queue random-detect max-threshold 1 100 100 100 100 100 100 100 100
wrr-queue random-detect max-threshold 2 100 100 100 100 100 100 100 100
wrr-queue random-detect max-threshold 3 70 80 90 100 100 100 100 100
wrr-queue cos-map 1 1 1
wrr-queue cos-map 2 1 0
wrr-queue cos-map 3 1 2
wrr-queue cos-map 3 2 3
wrr-queue cos-map 3 3 6
wrr-queue cos-map 3 4 7
priority-queue cos-map 1 4 5
mls qos trust dscp
channel-group XX mode active
end
interface Port-channel XX
description To Closet Switch or Access Switch
switchport
switchport trunk encapsulation dot1q
switchport mode trunk
mls qos trust dscp
end
Access Switch
===========
mls qos map cos-dscp 0 8 16 26 32 46 48 56
mls qos srr-queue input threshold 1 50 100
mls qos srr-queue input threshold 2 80 100
mls qos srr-queue input priority-queue 2 bandwidth 20
mls qos srr-queue input dscp-map queue 1 threshold 2 24
mls qos srr-queue input dscp-map queue 1 threshold 3 48 56
mls qos srr-queue input dscp-map queue 2 threshold 3 32 40 46
mls qos srr-queue output cos-map queue 1 threshold 3 4 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1
mls qos srr-queue output dscp-map queue 1 threshold 3 40 46
mls qos srr-queue output dscp-map queue 2 threshold 1 16 18 20 22 26 28 30 32
mls qos srr-queue output dscp-map queue 2 threshold 1 34 36 38
mls qos srr-queue output dscp-map queue 2 threshold 2 24
mls qos srr-queue output dscp-map queue 2 threshold 3 48 56
mls qos srr-queue output dscp-map queue 3 threshold 3 0
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 2 10 12 14
mls qos queue-set output 1 threshold 1 100 100 100 100
mls qos queue-set output 1 threshold 2 80 90 100 400
mls qos queue-set output 1 threshold 3 100 100 100 400
mls qos queue-set output 1 threshold 4 60 100 100 400
mls qos queue-set output 1 buffers 15 30 35 20
mls qos
interface GigabitEthernet XXX
description Access Points
switchport access vlan XXX
switchport mode access
switchport voice vlan YYY
srr-queue bandwidth share 1 70 25 5
srr-queue bandwidth shape 3 0 0 0
priority-queue out
mls qos trust cos
spanning-tree portfast
spanning-tree bpduguard enable
end
interface GigabitEthernet X/X/X
description To Core Switch
switchport trunk encapsulation dot1q
switchport mode trunk
carrier-delay msec 0
srr-queue bandwidth share 1 70 25 5
srr-queue bandwidth shape 3 0 0 0
priority-queue out
mls qos trust cos
channel-group XX mode active
interface Port-channel XX
description Uplink to Core
switchport trunk encapsulation dot1q
switchport mode trunk
dampening
end
i need to understand the above commands.
RegardsOn the core switch , you are trusting the dscp (Diffserv Code Point - a Layer 3 field used to indicate the classification of traffic for purposes of sorting it into classes and applying policies) marking that is on any packets coming from your closet and access switches.
On the access switches you are trusting any cos (Class of Service) marking applied by the connected core switch and access points.
In either case, trusting the marking means the end devices are responsible for setting the bits correctly to ensure their traffic is put into the right category. -
I have few questions about QOS
1) Can qos policy only be applied at incoming frame/packets or it can also be applied at outgoing frames?
2)Is it correct that qos policy for incoming frames , will decide the queue the frames be at placed ingress port?
3) Is it correct that qos policy for outgoing frames,decides the queue the frames be placed at egress port?
4) Is it possible to trust the Cos/dscp in frame/packet and have qos policy for outgoing frames ?
5) Scenario:
When f0/1 is in trunk mode:
sw1(config)# int f0/1
sw1(cofig-if)mls qos trust dscp
when switch receives the frame,will it drive the cos value from dscp-cos map and place the frame in appropiate queue?
When f0/1 is not access mode:
When a switch receives the frame , Would switch drive the cos value from DScp-cos map even though the port is in access mode and place the frame in appropiate queue at ingress port?
thanks a lot!Check out the SRND for QoS, it will answer of the questions you've posted here.
http://www.cisco.com/en/US/docs/solutions/Enterprise/WAN_and_MAN/QoS_SRND/QoS-SRND-Book.html
Hope that helps. -
3750X rate-limit (QoS)
Hello,
I'm trying to configure a rate-limit in a 3750X but I'm not seeing any result...
These are my configurations:
RF#show run
Building configuration...
Current configuration : 23410 bytes
! Last configuration change at 08:53:35 UTC Sun Mar 14 1993
version 15.0
no service pad
service timestamps debug datetime msec
service timestamps log datetime msec
no service password-encryption
hostname RF
boot-start-marker
boot-end-marker
no aaa new-model
switch 1 provision ws-c3750x-48p
system mtu routing 1500
ip routing
ip domain-name erf.carco.com.mx
rep admin vlan 100
mls qos
spanning-tree mode pvst
spanning-tree extend system-id
vlan internal allocation policy ascending
vlan 2
vlan 4
vlan 6
vlan 8
vlan 10
vlan 20
vlan 21
vlan 22
vlan 23
vlan 25
vlan 26
vlan 30
vlan 50
vlan 53
vlan 70
vlan 81
vlan 91
vlan 92
vlan 93
vlan 95
vlan 96
vlan 99
vlan 100
vlan 102
vlan 110
vlan 122
vlan 129
vlan 200
vlan 213
vlan 227
vlan 333
vlan 357
vlan 417
vlan 444
vlan 500
vlan 502
vlan 555
vlan 700
vlan 712
vlan 910
vlan 911
vlan 951
vlan 1105
vlan 1508
vlan 1830
vlan 1870
vlan 1890
vlan 1891
vlan 1892
class-map match-any test
match access-group 100
policy-map test
class test
police 150000000 512000 exceed-action drop
interface Loopback0
ip address 10.20.40.106 255.255.255.0
interface Port-channel22
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport mode trunk
bandwidth 10000000
rep segment 10
interface Port-channel24
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport mode trunk
bandwidth 10000000
rep segment 10
interface FastEthernet0
no ip address
no ip route-cache
shutdown
interface GigabitEthernet1/0/1
interface GigabitEthernet1/0/2
interface GigabitEthernet1/0/3
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 2,10,50,53,60,70,91-93,95,96,99,100,110,213,227
switchport trunk allowed vlan add 500,700,910,911,951,1830,1870,1890-1892
switchport mode trunk
no logging event link-status
shutdown
speed 1000
duplex full
interface GigabitEthernet1/0/4
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 2,8,10,20,50,53,70,91-93,95,96,99,100,110,213
switchport trunk allowed vlan add 227,500,700,910,911,951,1830,1870,1890-1892
switchport mode trunk
shutdown
speed 1000
duplex full
interface GigabitEthernet1/0/5
interface GigabitEthernet1/0/6
interface GigabitEthernet1/0/7
interface GigabitEthernet1/0/8
interface GigabitEthernet1/0/9
interface GigabitEthernet1/0/10
switchport access vlan 91
switchport mode access
logging event link-status
interface GigabitEthernet1/0/11
interface GigabitEthernet1/0/12
interface GigabitEthernet1/0/13
interface GigabitEthernet1/0/14
interface GigabitEthernet1/0/15
switchport access vlan 91
switchport mode access
logging event link-status
interface GigabitEthernet1/0/16
interface GigabitEthernet1/0/17
interface GigabitEthernet1/0/18
interface GigabitEthernet1/0/19
interface GigabitEthernet1/0/20
switchport access vlan 91
switchport mode access
logging event link-status
interface GigabitEthernet1/0/21
interface GigabitEthernet1/0/22
interface GigabitEthernet1/0/23
interface GigabitEthernet1/0/24
interface GigabitEthernet1/0/25
switchport access vlan 910
switchport mode access
interface GigabitEthernet1/0/26
interface GigabitEthernet1/0/27
interface GigabitEthernet1/0/28
interface GigabitEthernet1/0/29
interface GigabitEthernet1/0/30
interface GigabitEthernet1/0/31
interface GigabitEthernet1/0/32
interface GigabitEthernet1/0/33
interface GigabitEthernet1/0/34
interface GigabitEthernet1/0/35
interface GigabitEthernet1/0/36
interface GigabitEthernet1/0/37
no switchport
bandwidth 150000
ip address 10.20.103.13 255.255.255.252
rate-limit output access-group 100 24000000 3000000 3000000 conform-action transmit exceed-action drop
logging event link-status
interface GigabitEthernet1/0/38
interface GigabitEthernet1/0/39
interface GigabitEthernet1/0/40
interface GigabitEthernet1/0/41
interface GigabitEthernet1/0/42
interface GigabitEthernet1/0/43
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport mode trunk
bandwidth 10000000
channel-group 24 mode on
interface GigabitEthernet1/0/44
interface GigabitEthernet1/0/45
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 2,10,50,53,60,70,91-93,95,96,99,100,110,213,227
switchport trunk allowed vlan add 500,700,910,911,951,1830,1870,1890-1892
switchport mode trunk
shutdown
interface GigabitEthernet1/0/46
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 2,10,50,53,60,70,91-93,95,96,99,100,110,213,227
switchport trunk allowed vlan add 500,700,910,911,951,1830,1870,1890-1892
switchport mode trunk
shutdown
interface GigabitEthernet1/0/47
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport mode trunk
bandwidth 10000000
channel-group 22 mode on
interface GigabitEthernet1/0/48
switchport trunk encapsulation dot1q
switchport trunk native vlan 6
switchport trunk allowed vlan 2,7,10,20,50,53,70,91-93,95,96,99,100,110,213
switchport trunk allowed vlan add 227,700,910,911,951,1830,1870,1890-1892
switchport mode trunk
logging event link-status
shutdown
interface GigabitEthernet1/1/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 2,8,10,20,50,53,60,70,91-93,95,96,99,110,213,227
switchport trunk allowed vlan add 500,700,910,911,951,1830,1870,1890-1892
switchport mode trunk
shutdown
interface GigabitEthernet1/1/2
switchport trunk encapsulation dot1q
switchport trunk native vlan 100
switchport trunk allowed vlan 2,8,10,20,50,53,60,70,91-93,95,96,99,110,213,227
switchport trunk allowed vlan add 500,700,910,911,951,1830,1870,1890-1892
switchport mode trunk
shutdown
interface GigabitEthernet1/1/3
switchport trunk encapsulation dot1q
switchport trunk native vlan 6
switchport trunk allowed vlan 2,6,8,10,20,50,53,70,91-93,95,96,99,100,110,213
switchport trunk allowed vlan add 227,700,910,911,951,1830,1870,1890-1892
logging event link-status
shutdown
interface GigabitEthernet1/1/4
switchport trunk encapsulation dot1q
switchport trunk native vlan 6
switchport trunk allowed vlan 2,6,8,10,20,50,53,70,91-93,95,96,99,100,110,213
switchport trunk allowed vlan add 227,700,910,911,951,1830,1870,1890-1892
switchport mode trunk
logging event link-status
shutdown
interface TenGigabitEthernet1/1/1
interface TenGigabitEthernet1/1/2
interface Vlan1
no ip address
shutdown
interface Vlan6
description ***LANERF**
ip address 10.20.6.106 255.255.255.0
no ip redirects
interface Vlan23
description < TRANSITO MUR >
no ip address
no ip redirects
interface Vlan100
description < VLAN MAN >
ip address 10.20.100.106 255.255.255.0
no ip redirects
ip ospf authentication message-digest
ip ospf message-digest-key 1 md5 7 032368342B2F0F
ip ospf dead-interval minimal hello-multiplier 4
router ospf 1
router-id 10.20.40.106
auto-cost reference-bandwidth 100000
area 0.0.0.0 authentication message-digest
area 1.80.1.1 authentication message-digest
redistribute connected subnets
redistribute static subnets
passive-interface default
no passive-interface Vlan23
no passive-interface Vlan100
no passive-interface GigabitEthernet1/0/37
network 10.20.6.0 0.0.0.0 area 0.0.0.0
network 10.20.40.106 0.0.0.0 area 0.0.0.0
network 10.20.91.6 0.0.0.0 area 0.0.0.0
network 10.20.100.106 0.0.0.0 area 0.0.0.0
default-information originate
ip http server
ip http secure-server
access-list 100 permit ip 10.50.80.0 0.0.0.255 10.80.80.0 0.0.0.255
access-list 100 permit ip 10.80.80.0 0.0.0.255 10.50.80.0 0.0.0.255
snmp-server community ASComRO RO
line con 0
line vty 0 4
login
line vty 5 15
login
event manager applet track_qos_down authorization bypass
event syslog pattern "TRACKING-5-STATE: 15 ip sla 15 reachability Up->Down"
action 1 cli command "enable"
action 2 cli command "configure terminal"
action 3 cli command "interface giga1/0/37"
action 4 cli command "rate-limit output access-group 100 400000000 50000000 50000000 conform-action transmit exceed-action drop"
action 5 cli command "end"
event manager applet track_qos_up authorization bypass
event syslog pattern "TRACKING-5-STATE: 15 ip sla 15 reachability Down->Up"
action 1 cli command "enable"
action 2 cli command "configure terminal"
action 3 cli command "interface giga1/0/37"
action 4 cli command "no rate-limit output access-group 100 400000000 50000000 50000000 conform-action transmit exceed-action drop"
action 5 cli command "end"
end
ERF#
ERF#show mls qos
QoS is enabled
QoS ip packet dscp rewrite is enabled
ERF#show mls qos inter gigabitEthernet 1/0/37
GigabitEthernet1/0/37
trust state: not trusted
trust mode: not trusted
trust enabled flag: ena
COS override: dis
default COS: 0
DSCP Mutation Map: Default DSCP Mutation Map
Trust device: none
qos mode: port-based
When I apply the command I'm seeing a gauge using a 3rd party but I'm not seeing that the traffic will be truncated @ 50Mbps.
Any thoughts???Hi
Bandwidth commands allocates the particular amount of bandwidth you mention or configure over there.
Basically you have the liberty to configure upto 75% of the available interface bandwidth to different classes.
most widelys used with CBWFQ technique..
so while configuring up the same better to watch out for the exact bandwidth value keyed in on the interface to have your alloocation work properly.
policing basically used for limiting the traffic or to control the bursts by dropping them or marking them with different ip precedence or DSCP values.
its very much similar to the rate-limit command applied on the interface level which again uses token bucket system either single or dual based on the configuration parameters.
for more info on above mentioned clis do check these links..
http://www.cisco.com/en/US/tech/tk543/tk545/tsd_technology_support_protocol_home.html
http://www.cisco.com/en/US/tech/tk543/tk544/tsd_technology_support_protocol_home.html
regds -
I fond the below chart and I want to make sure I understand it correctly. Accoding to that chart my nexus 7k with F cards trust Cos by default and not DSCP. Is that correct?
our Access switches have mls qos trust dscp and our voip devices are making traffic as dscp.
Thanks
6500
N7K
ENABLE QOS
mls qos
Enabled by default
TRUST
mls qos trust [cos|dscp|ip-precedence]
DSCP (on M1 modules) and CoS (on F1 modules) trusted by default
INTERNAL QOS
QoS Label is used internally
CoS and/or DSCP passed through, though QoS-Groups can be used
COS TO DSCP MAPPING
Default of CoS to 3 most significant bits of DSCP (CoS 1 to DSCP 8 )
Same
DSCP to COS MAPPING
Default 3 most significant bits of DSCP to CoS (DSCP 10 to CoS 1)
Same
CHANGE COS/DSCP MAPPING
Modify cos-dscp or dscp-cos maps
Create and apply qos policy-map(s) ingress and/or egressI fond the below chart and I want to make sure I understand it correctly. Accoding to that chart my nexus 7k with F cards trust Cos by default and not DSCP. Is that correct?
our Access switches have mls qos trust dscp and our voip devices are making traffic as dscp.
Thanks
6500
N7K
ENABLE QOS
mls qos
Enabled by default
TRUST
mls qos trust [cos|dscp|ip-precedence]
DSCP (on M1 modules) and CoS (on F1 modules) trusted by default
INTERNAL QOS
QoS Label is used internally
CoS and/or DSCP passed through, though QoS-Groups can be used
COS TO DSCP MAPPING
Default of CoS to 3 most significant bits of DSCP (CoS 1 to DSCP 8 )
Same
DSCP to COS MAPPING
Default 3 most significant bits of DSCP to CoS (DSCP 10 to CoS 1)
Same
CHANGE COS/DSCP MAPPING
Modify cos-dscp or dscp-cos maps
Create and apply qos policy-map(s) ingress and/or egress -
Hi Everyone,
I've got a C6504 Chassis with Sup2T with default qos configuration (auto qos default gobal command). When I use the "show platform qos ip" command I can see the following output:
QoS Summary [IPv4]: (* - shared aggregates, Mod - switch module, Sid - Switch Id, E - service instance)
(^ - class-copp keyword)
Int Sid Mod Dir Class-map DSCP Agg Trust Fl AgForward AgPoliced
Id Id
CPP 1 1 In ^mcast-v4- 0 1 No 0 0 0
CPP 1 1 In ^match-igm 48 2 No 0 0 0
All 1 1 - Default 0 0* No 0 11780258945376 0
All 1 4 - Default 0 0* No 0 28254137334635 0
1. ¿Why I can only see traffic with DSCP=0 if I know there are traffic with different DSCP markings passing through my C6504?
The interfaces are properly configured to trust cos markings and queue traffic
MLS#show queueing interface gi1/1/1
Interface GigabitEthernet1/1/1 queueing strategy: Weighted Round-Robin
Port QoS is enabled globally
Queueing on Gi1/1/1: Tx Enabled Rx Enabled
MLS#interface GigabitEthernet1/1/1
switchport
platform qos trust cos
2. Does the Sup2T with default qos configuration rewrite to 0 all DSCP markings by default?
Thank you in advance.What is the IOS version you are running & what is the line card in your chassis module 1 ?, the commands output seems different what I am seeing in one of my Sup2T.
CR01#sh ver | in Soft
Cisco IOS Software, s2t54 Software (s2t54-ADVENTERPRISEK9-M), Version 15.1(2)SY, RELEASE SOFTWARE (fc4)
CR01#show platform qos ip
QoS is in queueing-only mode
CR01#show queueing interface g6/1
Interface GigabitEthernet6/1 queueing strategy: Weighted Round-Robin
Port QoS is enabled globally
Queueing on Gi6/1: Tx Enabled Rx Enabled
Trust boundary disabled
Trust state: trust DSCP
Trust state in queueing: trust COS
Extend trust state: not trusted [COS = 0]
Default COS is 0
Queueing Mode In Tx direction: mode-cos
Transmit queues [type = 1p3q4t]:
Queue Id Scheduling Num of thresholds
01 WRR 04
02 WRR 04
03 WRR 04
04 Priority 01
WRR bandwidth ratios: 100[queue 1] 150[queue 2] 200[queue 3]
queue-limit ratios: 50[queue 1] 20[queue 2] 15[queue 3] 15[Pri Queue]
queue tail-drop-thresholds
1 70[1] 100[2] 100[3] 100[4]
2 70[1] 100[2] 100[3] 100[4]
3 100[1] 100[2] 100[3] 100[4]
queue random-detect-min-thresholds
1 40[1] 70[2] 70[3] 70[4]
2 40[1] 70[2] 70[3] 70[4]
3 70[1] 70[2] 70[3] 70[4]
queue random-detect-max-thresholds
1 70[1] 100[2] 100[3] 100[4]
2 70[1] 100[2] 100[3] 100[4]
3 100[1] 100[2] 100[3] 100[4]
WRED disabled queues:
queue thresh cos-map
1 1 0
HTH
Rasika
**** Pls rate all useful responses **** -
3750 Disable QoS and fix the buffers?
I have done a lot of research on the subject and found that the 3750 is best left without any QoS enabled. customer is complaining about a lot of dropped packets and this is affecting realtime traffic quite a bit.
What i want to do is, compelelty disable QoS and also set the buffer sizes to the most optimal settings, -or- to the maximum settings if that is better. I also want the switch to leave any dscp/QoS markings it recieves intact on all ports, so do I need to still trust dscp on every interface or just disable qos rewrite?
can anyone shed light on the commands to do so?
sh ver: WS-C3750E-24PD-S
current relevant config:
mls qos
Queueset: 1
Queue : 1 2 3 4
buffers : 25 25 25 25
threshold1: 100 200 100 100
threshold2: 100 200 100 100
reserved : 50 50 50 50
maximum : 400 400 400 400
sh mls qos interface (all interfaces have the same values as this)
GigabitEthernet1/0/1
trust state: not trusted
trust mode: not trusted
trust enabled flag: ena
COS override: dis
default COS: 0
DSCP Mutation Map: Default DSCP Mutation Map
Trust device: none
qos mode: port-based
sh mls qos
QoS is enabled
QoS ip packet dscp rewrite is enabledDisclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
The 3750 doesn't always operate best with QoS disabled but enabled QoS often requires customization of its QoS settings.
If you disable QoS, by default, ToS/CoS markings will be passed through the 3750 as is. Buffer configuration settings have no impact (as far as I know).
If you enable QoS, then you may very much have a need to adjust buffers settings, but one size doesn't fit all. Optimal buffer settings would depend on your intended QoS policy and your traffic. -
CATOS QOS commands - what are they in IOS?
I have the following commands in CATOS on a 6500 but I need to know what they should be in IOS 12.2(17d)SXB10?
set qos enable
set qos cos-dscp-map 0 8 16 24 32 46 50 56
set qos map 2q2t tx 2 2 cos 5
set qos acl ip TRUST-DSCP trust-dscp any
commit qos acl TRUST-DSCP
set qos acl map TRUST-DSCP 8/1-48
Please can someone help???!!set qos enable
Router(config)# mls qos
!!set qos cos-dscp-map 0 8 16 24 32 46 50 56
Router(config)# mls qos map cos-dscp
!!set qos map 2q2t tx 2 2 cos 5
Router(config)# interface gigabitethernet 1/1
Router(config-if)# rcv-queue cos-map queue_# threshold_# cos1 [cos2 [cos3 [cos4 [cos5 [cos6 [cos7 [cos8]]]]]]]
Router(config)# interface gigabitethernet 1/1
Router(config-if)# wrr-queue cos-map 1 1 0 1
!!set qos acl ip TRUST-DSCP trust-dscp any
!!commit qos acl TRUST-DSCP
!!set qos acl map TRUST-DSCP 8/1-48
Router(config)# class-map class_name
Router(config-cmap)# match access-group name acl_index_or_name
Router(config)# policy-map policy_name
Router(config-pmap)# class class_name
Router(config-pmap-c)# trust dscp
Router(config)# interface fastethernet 1/1
Router(config-if)# service-policy [input | output] policy_map_name
I believe this is right. If you need further clarification please ask or refer to
http://www.cisco.com/en/US/products/hw/switches/ps708/products_configuration_guide_chapter09186a00801679f8.html -
HI
We've just purchased 3850 switch part of a wireless upgrade, but we are usign 8500 wlc.
Want to use the 3580 just as a edge switch without the wlc as we didn't purchase the licences.
Using our exsiting 3750x template haing issues with the QOS settings
mls qos map cos-dscp 0 8 16 24 32 46 48 56
mls qos srr-queue input cos-map queue 2 threshold 1 3
mls qos srr-queue input dscp-map queue 2 threshold 1 24
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 1 2
mls qos srr-queue output cos-map queue 2 threshold 3 3
mls qos srr-queue output cos-map queue 3 threshold 1 1
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 6 7
mls qos queue-set output 2 threshold 2 3200 3200 100 3200
mls qos queue-set output 2 buffers 10 70 10 10
mls qos
any help would be apprieicated in pointing to right direction.
Have been looking for last couple of days.
cheersHi
this might help (as we moved from 3750 to 3850 switches, we had to rebuild qos).
The basic idea is something like this
Class-maps:
class-map match-any CM_VOIP
match dscp ef
class-map match-any CM_SIGNALING
match ip dscp cs3
match ip dscp af31
class-map match-any VC_VIDEO
match dscp af41
Policy map for the uplink:
policy-map UPLINK-OUT
class CM_VOIP
priority level 1 percent 10 (this is the high priority queue)
police cir percent 10 conform-action transmit exceed-action drop
class CM_SIGNALING
priority level 2 percent 5 (low priority queue)
police cir percent 5 conform-action transmit exceed-action drop
class VC_VIDEO
bandwidth remaining percent 10
class class-default
bandwidth remaining percent 75
Uplink config:
Interface Gi1/1/1
Service-policy output UPLINK-OUT
This way you can build your qos policies. You can tune anyway you like / configure more traffic types and/or confighure policies for access ports -
Hello,
I am trying to upgrade from 3750 to 3850. Following is my outbound WTD qos config on 3750:
mls qos srr-queue output cos-map queue 1 threshold 3 5
mls qos srr-queue output cos-map queue 2 threshold 1 2 4
mls qos srr-queue output cos-map queue 2 threshold 2 3
mls qos srr-queue output cos-map queue 2 threshold 3 6 7
mls qos srr-queue output cos-map queue 3 threshold 3 0
mls qos srr-queue output cos-map queue 4 threshold 3 1
mls qos srr-queue output dscp-map queue 1 threshold 3 46
mls qos srr-queue output dscp-map queue 2 threshold 1 16 18 20 22 32 34 36 38
mls qos srr-queue output dscp-map queue 2 threshold 2 24 26 28 30
mls qos srr-queue output dscp-map queue 2 threshold 3 48 56
mls qos srr-queue output dscp-map queue 3 threshold 3 0
mls qos srr-queue output dscp-map queue 4 threshold 1 8
mls qos srr-queue output dscp-map queue 4 threshold 3 4 10 12 14
mls qos queue-set output 1 threshold 2 70 80 100 100
mls qos queue-set output 1 threshold 4 40 100 100 100
What will be the equivalent config for the 3850? I am not able to find the right documentation for 3850.
Following is what I created but I believe it wouldnt handle WTD.
class-map match-any EF
match dscp ef
class-map match-any CS3AF41
match dscp cs3 af41
class-map match-any AF21
match dscp af21
class-map match-any AF11
match dscp af11
class-map match-any Default
match dscp default
policy-map QOS-OUTBOUND
class EF
priority level 1
class CS3AF41
priority level 2
class AF21
bandwidth remaining percent 20
shape average percent 100
class AF11
bandwidth remaining percent 20
shape average percent 100
class Default
bandwidth remaining percent 60
shape average percent 100
Also, when I try to apply this to an interface, it accepts it but its not visible under show runn. Am I missing anything?
I would appreciate any help with this.
Thank you.Hi,
3850 is not supporting MLS QoS (so any QoS commands start with mls keyword is not applicable in this switch platform- even thoug they are accepted).
It is a MQC QoS based switch platform (like 6500,4500). There are few Queing models (1P7Q3T, 2P6Q3T for wired & 2P2Q for wireless) supported in this platform. Please refer below post for more detail
http://mrncciew.com/2013/12/23/3850-qos-part-2-queuing-models/
Based on this you need to derive your config changes. As you can see in the above "queue limit x " is the command used to configure WTD for non-priority queues (ie Q2 to Q6)
Regarding running config, you can use "show running-config all" command to see all the configuration lines of your switch including default configs
HTH
Rasika
***Pls rate all useful responses **** -
Convert Qos commands from CATOS to IOS
Hello,
i've some problems converting some Qos commands from CATos to IOS can anybody help me?
set qos drop-threshold 1q4t rx queue 1 50 60 80 100
set qos map 2q2t tx 1 1 cos 0
set qos map 1p1q4t rx 1 3 cos 4
set qos wrr 1p2q2t 50 255
set qos txq-ratio 1p2q2t 70 15 15
set qos wred 1p2q2t tx queue 1 70:100 70:100
set qos bridged-microflow-policing disable 1,50-54,100-121,500,700-702,1006-1011,1016
set qos policed-dscp-map 1:1
set qos policed-dscp-map excess-rate 0:0
set qos acl default-action ip dscp 0
set qos acl default-action ipx
set qos acl default-action mac
set qos policy-source local
set qos rsvp disable
set qos rsvp policy-timeout 30
set qos rsvp local-policy forward
!Module with GE interfaces
set port qos 3/1-16 cos 0
set port qos 3/1-16 trust trust-cos
set port qos 3/1-16 port-based
set port qos 3/1-16 policy-source local
set qos statistics export port 3/1 disable
set qos statistics export port 3/2 disable
set qos statistics export port 3/3 disable
set qos statistics export port 3/4 disable
set qos statistics export port 3/5 disable
set qos statistics export port 3/6 disable
set qos statistics export port 3/7 disable
set qos statistics export port 3/8 disable
set qos statistics export port 3/9 disable
set qos statistics export port 3/10 disable
set qos statistics export port 3/11 disable
set qos statistics export port 3/12 disable
set qos statistics export port 3/13 disable
set qos statistics export port 3/14 disable
set qos statistics export port 3/15 disable
set qos statistics export port 3/16 disableThis URL should help you:
http://www.cisco.com/warp/public/473/73.html
Maybe you are looking for
-
Can Someone Tell me how to Secure my webpage from Copying? Thanks!
I am new to iweb and .mac. I have just punished my first page to my .web account. It has some family photos on it. How do I make it so that people cannot do a "save as" and copy the pictures that are on the web page? Thanks for your help, Steve.
-
When I try to read a page with Adobe Reader I get the following message: Adobe Reader cannot show documents in this browser. Why is that ? It occurer a short period ago, and prior to that I have had no problem. I have no problem when I use Safari - b
-
Hi, I am trying to use SDO_GEOM.WITHIN_DISTANCE on geodetic data, but I don't want to use meter as unit for the tolerance. I thought I simply can set the unit to 'Degree', but this does not work: select SDO_GEOM.WITHIN_DISTANCE( MDSYS.SDO_GEOMETRY('P
-
I've got a problem with my network connection when i wake my ipad2 from "sleep mode". I need to "renew lease" to get it to work. Any one who got the same problem? I've also got an iphone 3gs on the same network, and it's not having any problem. Any s
-
Okay, so I bought an HP DeskJet 5940xi. I use an older version of Word that runs in OS 9. But the DeskJet will not work under OS 9. I did a search and saw a reference to using the Printer Utility to trick the HP into running as Laser 8. Will this wor