Number of class maps (QOS) supported on 7200 and 7600
Hi,
Have few queries on class maps for QOS, putting forward for your comments/inputs.
1. Want to know if there are any limitation (s) on the number of class maps (to be applied inbound/outbound) that can be configured on the 7200 and 7600 routers.
2. Is there any imitation on the numbers (of class maps) in general or will it depend on the sum total of BW configured in the classes? I mean which one will be the deciding factor i.e. if the limit is wrt to the configured classes or the number of classes can't go beyond the consolidated bandwidth configured on the interface.
Kindly share details on the same and if there are any recommendations.
Thanks! in advance.
From: http://www.cisco.com/en/US/tech/tk543/tk545/technologies_q_and_a_item09186a00800cdfab.shtml
"Q. How many classes does a Quality of Service (QoS) policy support?
A. In Cisco IOS versions earlier than 12.2 you could define a maximum of only 256 classes, and you could define up to 256 classes within each policy if the same classes are reused for different policies. If you have two policies, the total number of classes from both policies should not exceed 256. If a policy includes Class-Based Weighted Fair Queueing (CBWFQ) (meaning it contains a bandwidth [or priority] statement within any of the classes), the total number of classes supported is 64.
In Cisco IOS versions 12.2(12),12.2(12)T, and 12.2(12)S, this limitation of 256 global class-maps was changed, and it is now possible to configure up to 1024 global class-maps and to use 256 class-maps inside the same policy-map."
Similar Messages
-
Revision: 15252
Revision: 15252
Author: [email protected]
Date: 2010-04-06 16:57:34 -0700 (Tue, 06 Apr 2010)
Log Message:
1) SMILPlugin - SMILMediaGenerator class modified to support both live and vod smil files. SMILLoader modified to retain original resource metadata.
2) AkamaiBasicStreamingPlugin refactored. This includes improved support for all types of streams while the plugin is loaded, added support for plugin metadata that can override built in defaults for a) live stream time out; b) whether or not the plugin should try to reconnect to a live stream if both primary and secondary encoders fail; c) the interval at which the retry should occur. Added support for resource metadata for specifying connect-level and stream-level auth tokens so that these tokens do not need to be part of the URL (although this is acceptable also).
3) AkamaiPluginSample app updated to support auth tokens which are not part of the URL (these are passed to the Akamai plugin via resource metadata).
Modified Paths:
osmf/trunk/apps/samples/plugins/AkamaiPluginSample/.actionScriptProperties
osmf/trunk/apps/samples/plugins/AkamaiPluginSample/src/AkamaiPluginSample.mxml
osmf/trunk/plugins/SMILPlugin/org/osmf/smil/loader/SMILLoader.as
osmf/trunk/plugins/SMILPlugin/org/osmf/smil/media/SMILMediaGenerator.as
osmf/trunk/plugins/akamai/AkamaiBasicStreamingPlugin/.actionScriptProperties
osmf/trunk/plugins/akamai/AkamaiBasicStreamingPlugin/AkamaiBasicStreamingPlugin.as
osmf/trunk/plugins/akamai/AkamaiBasicStreamingPlugin/com/akamai/osmf/AkamaiBasicStreaming PluginInfo.as
osmf/trunk/plugins/akamai/AkamaiBasicStreamingPlugin/com/akamai/osmf/net/AkamaiNetConnect ion.as
osmf/trunk/plugins/akamai/AkamaiBasicStreamingPlugin/com/akamai/osmf/net/AkamaiNetConnect ionFactory.as
osmf/trunk/plugins/akamai/AkamaiBasicStreamingPlugin/com/akamai/osmf/net/AkamaiNetLoader. as
osmf/trunk/plugins/akamai/AkamaiBasicStreamingPlugin/com/akamai/osmf/net/AkamaiNetStream. as
Removed Paths:
osmf/trunk/plugins/akamai/AkamaiBasicStreamingPlugin/com/akamai/osmf/events/ -
After installing mavericks a number of apps are not supported in Mac and iphone/ipad
after having istalled mavericks several apps do not function on te iMac /iPhone/iPad
such as C Cleaner on the Mac and several apps on the phone/ ipad do not syncronise the updates anymore.is by the way available in app store as crapware?
Sorry, again I'm not exactly sure what you're asking. Language barrier. Your English is certainly better than my proficiency in your language.
If you are asking, "Is crapware like C Cleaner available in the app store?" , or, "if software is available in the App Store, does that guarantee that it is good?", I don't know. I can't speak for Apple's decision making process in what does or does not go into the App Store. Dishonest developers (and crapware developers are, by definition, dishonest), can certainly inflate their own ratings. So I wouldn't go by the ratings.
A comprehensive discussion of Mac maintenance is perhaps best left for another day.
But my opinion is this:
OSX is very, very well written software, and has powerful and effective troubleshooting and maintenance software already built in.
There are very few circumstances in which one might need any third-party software to diagnose or treat a software problem with a Mac. Especially if you avoid putting crapware into your computer in the first place.
Any third party software that says it will clean, defragment, optimize, or speed up your mac is probably crapware, and will harm your computer. People install these apps before they have any basic knowledge of the maintenance software that is already built in to their Macs. -
In the following class-map:
"class-map match-any voice
match access-group 190"
If the ACL 190 has more than one line with "permit" statements.
In order for the policy-map using the above class-map to find a match and use the rules applied for the above class-map, does the traffic need to meet all the criteria in the ACL or does it work like a regular ACL, where it "walks" down and it stops execution at the first permit/deny "hit"?
Regards,
Christosthe explicit " match-any" will do just that.So, a nested ACL can be configured for multiple criteria.
The alternate is a "match-all" where all nested options in your acl MUST be met. Hope this helps.
T -
Does Huawei router NE40 support Class-Based QoS?
As I know Class-based QoS defines traffic classifiers based on certain rules and associates traffic classifiers with certain traffic behaviors, forming certain traffic policies. After
these policies are applied to interfaces, class-based traffic policing, traffic shaping, congestion management, and precedence re-marking are implemented.
Does Huawei router NE40 support Class-Based QoS?The NE80E/40E supports DiffServ and provides standard forwarding services such as EF and AF for users by using the following traffic management measures:
1 Traffic classification
2 Traffic policing
3 Traffic shaping
4 Congestion avoidance
QoS of the NE80E/40E supports traffic policy with the above measures and mapping between the QoS fields in the IP header and the MPLS header.
And more information about router NE40, please visit:
http://www.huanetwork.com/huawei-router-ne40e-series-price_c89 -
Class-map does not support match protocol ssl
I have several 1941/k9's that do not have the class-map command: to suppot ssl. System image is c1900-universalk9-mz.SPA.152-1.T.bin.
class-map match-any af31
match protocol ssl <-- missing.
I did some google searches but come up with nothing.
Is the fix to upgrade IOS? I have found it on other routers running c1900-universalk9-mz.SPA.152-4.M4.bin. I would just upgrade and check but have an extensive change review board with questions before doing so.
Thanks for advice,
HaydnDisclaimer
The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.
Liability Disclaimer
In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.
Posting
I'm not current on NBAR (or NBAR 2), but NBAR used to support loadable modules (PDMs?). Sometimes Cisco would provide those so you could add match protocols without upgrading your IOS.
Otherwise the "fix" would be to upgrade your IOS.
Lastly, depending on what it matching SSL really means to you, using port based ACLs might suffice (in fact, some NBAR match protocol is only really that, but some NBAR matches regardless of the port usage).
PS:
Also on the subject of SSL, don't forget much can use it. I once matched on it for the purposes of providing secure shell higher queuing priority, worked great for SSH, not so great when secure copy (SCP) also matched against it. -
3850 QoS class-map match-all?
I would like to create a QoS marking policy that re-marks packet to CS5 if the inbound traffic is SIP *and* if it is marked CS3 when it comes in. I would have expected the configuration listed below will work. I only found out when I tried to apply the config that, unlike other IOS devices, "class-map match-all" does not exist in 3850 3.3.x code. It can only do "class-map match-any" Can anyone suggest a work-around config for 3850 to achieve the same end result?
ip access-list extended ACL-QOS-SIP
permit tcp any range 5060 5061 any
permit tcp any any range 5060 5061
ip access-list extended ACL-QOS-CS3
permit ip any any dscp cs3
class-map match-all CM-QOS-CS5
match access-group name ACL-QOS-CS3
match access-group name ACL-QOS-SIP
policy-map PM-QOS-MARKING
class CM-QOS-CS5
set ip dscp cs5
Any suggestions would be appreciated.jlkeys, below is configuration I ended up using to resolve the issue:
ip access-list extended ACL-QOS-SIP
permit tcp any range 5060 5061 any dscp cs3
class-map match-any CM-QOS-CS5
match access-group name ACL-QOS-SIP
policy-map PM-QOS-MARKING
class CM-QOS-CS5
set ip dscp cs5 -
Trying to understand the class-default for marking
I have the concept of Identify traffic with ACLs
Classify traffic for marking with class-maps
Mark traffic with policy-maps
the policy-map will always have a default-class for unaccounted traffic in the policy-maps
what I don't quite understand is that the there is not a class-map class-default
when servicing the "policy" the class-maps are referenced with "class A" "class B" "class class-default"
when looking for the matches on class class-default there is no reference class-map to go to....
I figured I have to accept this logic means if traffic was not specifically matched by the collection of class-maps in the config the IOS can assume the traffic would have been/is class-default.
i had put a config together to classify certain traffic as CS0, like SNMP... i wanted to force traffic there as well as having all unaccounted traffic being classified CS0.
but from what i read if i don't have snmp matched in any class-map in the config then this traffic would find itself in
policy-map XXX
class class-default
set ip precedence 0
even though class-default does not exist as class-map class-defaultHi,
You want to mark some traffic as CS0? and then count that traffic? but you won't know which traffic had CS0 imposed or was natively IPP 0 like all data traffic not specifically marked.
the class class-default exists just do a show class-map and you'll see it, it is the IOS which creates it.
Doing a show policy-map interface will show you which class-map was matched. -
QoS - Create class-map while inside policy-map
The cisco training notes for CME claim you can create a non-existant class-map while in the policy-map. Here is the what the notes say
router(config-pmap)#class class-map-name condition
? Optionally you can define a new class-map by entering the condition after the name of the new class map
Does this workIf my memory serves me, it was on a 7206VXR running a 12.3 cut. Also, I do recall that the '?' will not present this as an option but it still works...
Paresh. -
Hello,
When configuring a class-map, I want to match based on DSCP values. I see that I can configure the match statement either as "match dscp" or "match ip dscp". The router accepts either one. Is there a difference between these two, or do they accomplish the same thing?Hi,
"match dscp" matches both IPv4 and IPv6 traffic while "match ip dscp" matches only IPv4 traffic.
HTH,
Nagendra -
Dear Cisco Expert,
We are facing problem terminating PPPoE users on Cisco 7206VXR NPE-G2 router where in user connects to router but policy-map is not applying on user interface.
Below mentioned message is logged on router.
%SW_MGR-3-CM_ERROR_FEATURE_CLASS: Connection Manager Feature Error: Class SSS: (QoS) - install error, ignore.
Below is the "show version" output.
Cisco IOS Software, 7200 Software (C7200P-ADVIPSERVICESK9-M), Version 12.2(33)SRC, RELEASE SOFTWARE (fc3)
Technical Support: http://www.cisco.com/techsupport
Copyright (c) 1986-2008 by Cisco Systems, Inc.
Compiled Fri 11-Jan-08 02:44 by prod_rel_team
ROM: System Bootstrap, Version 12.4(12.2r)T, RELEASE SOFTWARE (fc1)
aggr03 uptime is 1 day, 6 hours, 4 minutes
System returned to ROM by reload at 05:45:18 IST Wed Sep 3 2014
System restarted at 05:46:53 IST Wed Sep 3 2014
System image file is "disk2:c7200p-advipservicesk9-mz.122-33.SRC.bin"
Last reload reason: Reload command
This product contains cryptographic features and is subject to United
States and local country laws governing import, export, transfer and
use. Delivery of Cisco cryptographic products does not imply
third-party authority to import, export, distribute or use encryption.
Importers, exporters, distributors and users are responsible for
compliance with U.S. and local country laws. By using this product you
agree to comply with applicable laws and regulations. If you are unable
to comply with U.S. and local laws, return this product immediately.
A summary of U.S. laws governing Cisco cryptographic products may be found at:
http://www.cisco.com/wwl/export/crypto/tool/stqrg.html
If you require further assistance please contact us by sending email to
[email protected].
Cisco 7206VXR (NPE-G2) processor (revision A) with 1966080K/65536K bytes of memory.
Processor board ID 31782123
MPC7448 CPU at 1666Mhz, Implementation 0, Rev 2.2
6 slot VXR midplane, Version 2.7
Last reset from power-on
PCI bus mb1 (Slots 1, 3 and 5) has a capacity of 600 bandwidth points.
Current configuration on bus mb1 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported.
PCI bus mb2 (Slots 2, 4 and 6) has a capacity of 600 bandwidth points.
Current configuration on bus mb2 has a total of 0 bandwidth points.
This configuration is within the PCI bus capacity and is supported.
Please refer to the following document "Cisco 7200 Series Port Adaptor
Hardware Configuration Guidelines" on Cisco.com <http://www.cisco.com>
for c7200 bandwidth points oversubscription and usage guidelines.
1 FastEthernet interface
3 Gigabit Ethernet interfaces
2045K bytes of NVRAM.
500472K bytes of ATA PCMCIA card at slot 2 (Sector size 512 bytes).
65536K bytes of Flash internal SIMM (Sector size 512K).
Configuration register is 0x2102
Can somebody help please?
Thanks,
Nilesh.Hi Inayath,
We are applying policy-map on user virtual-interface via radius attributes.
Cisco-Avpair+="lcp:interface-config#1=service-policy input 256k"
Cisco-Avpair+="lcp:interface-config#2=service-policy output 256k"
Below is the relevant configuration for cisco router.
aggri03#sh policy-map 256k
Policy Map 256k
Class 256k
police cir 520000 bc 32000
conform-action transmit
exceed-action drop
aggri03#sh run int virtual-te1
Building configuration...
Current configuration : 398 bytes
interface Virtual-Template1
mtu 1492
ip unnumbered Loopback100
no ip redirects
no ip unreachables
no ip proxy-arp
no logging event link-status
peer default ip address pool poolname
no snmp trap link-status
keepalive 60
ppp authentication pap callin
ppp ipcp dns 203.187.x.y 203.187.x.y
ppp timeout ncp 30
ppp timeout authentication 20
ppp timeout idle 480
end
Below is the complete log line on router.
Sep 3 16:41:31: %SW_MGR-3-CM_ERROR_FEATURE_CLASS: Connection Manager Feature Error: Class SSS: (QoS) - install error, ignore.
-Traceback= 4A9C88 4AAC20 4AB350 12B6040 12C8B38 2C2F24C 2C2F2FC 12C8E0C 12C9000 12C94D0 12B4788 12B4D40 12B4E84 12AFEB0 12B02FC
Please let me know if you want further information & thanks for your inputs.
Thanks,
Nilesh. -
Policy map/ class map/ service policy for IOS xr
Hi,
I need to create a policy map and class map/service policy to limit the amount of bandwidth that can be used on one interface both in and out.
I need the cap for the bandwidth to traverse this circuit to ne 10 Meg.
the IOS xr version we are using is 4.3.4
I was hoping someone could help me out by giving me a configuration example I could follow.
Thank you.for instance like this:
policy-map police-in
class class-default
police rate 10 mpbs <optionally set burst>
policy-map shape-out-parent
class class-default
shape 10 mpbs <optional burst config>
service-policy shape-out-child
policy-map shape-out-child
class class-default
queue-limit 10 packets
int g 0/0/0/0
service-policy police-in in
service-policy shape-out-parent out
also have a look at CL 2013/2014 (orlando/sanfran) ID 2904 for more QOS details
and the support forum article of "asr9000 quality of service architecture"
xander -
Class-Map and Policy-Map Configuration in CM Confusion
Hi,
I'm implementing a green field WAAS deployment for a customer. We currently have a Proof-of-Concept up and running.
I've got some questions regarding custom class-map and policy-map configuration in the CM. I'd like to nail-down the custom class-map and policy-map configuration (and understanding) in the PoC before cutting over the PoC branches to the production WAAS environment.
Assuming a typical WAAS Deployment using WCCP for off-path interception, branch to DC.
==> 61 in LAN (BRANCH ROUTER) <== 62 in WAN (WAN CLOUD) ==> 61 in WAN (DC ROUTER) <== 62 in LAN
We are using two distinct device groups, BRANCH and DATA CENTER.
If the customer has traffic that we need to classify in order to provide TFO only optimisation, should the single class-map include the traffic in both directions? Ie., (assume the SERVER is 10.1.1.1 TCP Port 443). Should the class-map be configured as:
Class-Map
Line 1: DST IP 10.1.1.1 DST Port 443
Line 2: SRC IP 10.1.1.1 SRC Port 443
Or in this case is only the DST line required? And in which Device Group should the custom policy be applied? Or should it be applied to both Device Groups? If it should be applied to both Device Groups, then would it make more sense to have the policy-map in the Branch DG configured to match the DST traffic, and on the Data Center DG have a different class-map match the SRC traffic?
My confusion is how to classify the traffic (SRC or DST or Both - Separate classes for each or different lines within the same class-map), and where to apply the appropriate policy (both Device Groups, just Branch, just DC) and why...
I tried to apply a custom policy and the impact in the PoC was that the TCP Summary report stopped reporting the individual traffic classes showed 'other traffic' only. Can anyone explain why this may have occurred?
I hope this makes sense.for instance like this:
policy-map police-in
class class-default
police rate 10 mpbs <optionally set burst>
policy-map shape-out-parent
class class-default
shape 10 mpbs <optional burst config>
service-policy shape-out-child
policy-map shape-out-child
class class-default
queue-limit 10 packets
int g 0/0/0/0
service-policy police-in in
service-policy shape-out-parent out
also have a look at CL 2013/2014 (orlando/sanfran) ID 2904 for more QOS details
and the support forum article of "asr9000 quality of service architecture"
xander -
How to get OIDs of indexes for class-map ?
I have policy-map configured on cisco router with some class-maps inside. I need to draw a graph traffic passing through these classes. To make a graphs I use Cacti which use SNMP query to draw the graphs (object name cbQosObjectsIndex).
How to get OIDs of class-map indexes ?
I tried to do this by following query:
#snmpwalk -c community_string -v 2c 192.168.0.252 1.3.6.1.4.1.9.9.166.1.5.1.1.1
but the answer was:
iso.3.6.1.4.1.9.9.166.1.5.1.1.1 = No Such Object available on this agent at this OID
The information i need is contained at the OID 1.3.6.1.4.1.9.9.166.1.15.1.1.7:
# snmpwalk -c community_string -v 2c 192.168.0.252 1.3.6.1.4.1.9.9.166.1.15.1.1.7
iso.3.6.1.4.1.9.9.166.1.15.1.1.7.1251.1277 = Gauge32: 0
iso.3.6.1.4.1.9.9.166.1.15.1.1.7.1251.13363 = Gauge32: 0
iso.3.6.1.4.1.9.9.166.1.15.1.1.7.1251.13383 = Gauge32: 0
iso.3.6.1.4.1.9.9.166.1.15.1.1.7.1251.13435 = Gauge32: 734000
iso.3.6.1.4.1.9.9.166.1.15.1.1.7.1251.13481 = Gauge32: 233000Because 192.168.0.252 1.3.6.1.4.1.9.9.166.1.5.1.1.1 is marked "non-accessible" according to http://tools.cisco.com/Support/SNMP/do/BrowseOID.do?local=en&translate=Translate&objectInput=cbQosObjectsIndex
You'll need to obtain the indices as explained in this blog post:
http://pierky.wordpress.com/2009/04/09/cisco-class-based-qos-snmp-mib-and-statistics-monitor-for-nms/
Joe wrote a very illustrative post on the subject of snmptables: https://supportforums.cisco.com/message/3051004#3051004
And if your IOS supports it, you would want to configure the following to keep the indices from changing after every reboot or OIR:
"snmp mib persist cbqos" -
Policer with IPv6 class-map on Catalyst 3750
Hi,
I've the following problem.
It's my goal to ratelimit incoming IPv6 traffic dependent on the destination IP address range.
On a Catalyst 3750 (Image: c3750-ipservicesk9-mz.122-55.SE1.bin) I've set up the configuration as follows:
mls qos
ipv6 access-list DESTINATION-RANGE-A
permit ipv6 any 2007::/16
ipv6 access-list DESTINATION-RANGE-B
permit ipv6 any 2B03::/16
class-map match-all A
match access-group name DESTINATION-RANGE-A
class-map match-all B
match access-group name DESTINATION-RANGE-B
policy-map RL-POLICY
class A
police 2000000 8000 exceed-action drop
class B
police 6000000 8000 exceed-action drop
interface GigabitEthernet1/0/7
switchport access vlan 90
load-interval 30
service-policy input RL-POLICY
The last CLI command which should bind the policy to the specific interface, leads to the following error message
QoS: class(A) IPv6 class not supported on interface GigabitEthernet1/0/7
Are hardware/software limitations the reason for this behavior or is there any misconfiguration?
Thanks in advance for your help!
Regards,
JensIf you are thinking of IPv6 prefix I tried everything. From /128 for single host to /64, nothing works.
Maybe you are looking for
-
Append table - Regenerating a maintenance view
People, I would like to create one more fied in a standard table, so I will create an append in this table. But it has a maintenance view associated to it. As this is a standard table, is there a way to regenerate this maintenance including the new f
-
Open item not appearing in F-44
Hi I want to clear one vendor employee. There are three entries in it in FBL1n. 1st entry came from TRIP (HR Travel posting) with posting date 10.05.2010 The other two entries are advance to employee. When i am giving F-44 on 30th June2010 with OI It
-
Delete Statement Exception Handling
Hi guys, I have a problem in my procedure. There are 3 parameters that I am passing into the procedure. I am matching these parameters to those in the table to delete one record at a time. For example if I would like to delete the record with the val
-
Error: Component failed to run due to a Object Package scheduling failure
Hi, BusinessObjects XI R2 SP 5, FP 5.1 I am trying to schedule a group of reports (crystal reports) via a package where the output destination is to an email. At the event of execution of the scheduled time for the package; the package fails with the
-
New laptop, and I dont want to loose what i already have on my Ipod, help?
I have installed Itunes, I have synched and synched again, pushed every button on the ipod and in my library, and cant seem to get them to talk to each other. (other then my ipod saying that it is in fact synching) when i first plug my ipod in to my