Radius accounting for QoS pppoe policy-map

Similar Messages

• DMVPN per tunnel QOS. show policy-map multipoint not working

  Hi All,
  I have a DMVPN hub which is a 1841 with image c1841-advsecurityk9-mz.151-4.M1.bin .
  I have been using DMVPN and its awesome but now trying to get the QOS sorted out and having issues.
  I have configured the interface like so.
  interface Tunnel1
  ip address 10.255.255.1 255.255.255.0
  no ip redirects
  ip mtu 1400
  ip nhrp authentication xxx
  ip nhrp map multicast dynamic
  ip nhrp map group ADSL1 service-policy output ADSL1
  ip nhrp network-id 1
  ip nhrp redirect
  ip tcp adjust-mss 1360
  no ip split-horizon
  ip ospf 1 area 0
  tunnel source Loopback0
  tunnel mode gre multipoint
  tunnel key 1
  tunnel path-mtu-discovery
  tunnel protection ipsec profile VPN
  end
  policy-map ADSL1
  class class-default
    shape average 1000000
    service-policy Classes
  policy-map Classes
  class Silver
    bandwidth percent 25
    fair-queue
  class Gold
    bandwidth percent 50
    fair-queue
  class Scavanger
    bandwidth percent 5
  class class-default
    fair-queue
  The output of show dmvpn detail shows it has applied the QOS rule.
  NG-SR-WE-RT-2#show dmvpn detail
  Legend: Attrb --> S - Static, D - Dynamic, I - Incomplete
      N - NATed, L - Local, X - No Socket
      # Ent --> Number of NHRP entries with same NBMA peer
      NHS Status: E --> Expecting Replies, R --> Responding, W --> Waiting
      UpDn Time --> Up or Down Time for a Tunnel
  ==========================================================================
  Interface Tunnel1 is up/up, Addr. is 10.255.255.1, VRF ""
     Tunnel Src./Dest. addr: 10.32.0.100/MGRE, Tunnel VRF ""
     Protocol/Transport: "multi-GRE/IP", Protect "VPN"
     Interface State Control: Disabled
  Type:Hub, Total NBMA Peers (v4/v6): 1
  # Ent  Peer NBMA Addr Peer Tunnel Add State  UpDn Tm Attrb    Target Network
      1  x.x.x.x    10.255.255.2    UP    1d18h    D    10.255.255.2/32
  NHRP group: ADSL1
  Output QoS service-policy applied: ADSL1
  but my router cannot run show policy-map multipoint... it doesnt come up with a tab but i can write it in by hand.  Even when i write it in by hand it outputs blank.
  I cut the ADSL1 shape down to 512k and it didnt take affect so i dont think the qos is working at all.
  Is my feature set too low?
  Cheers,
  Simon

  Ray,
  There could be multiple reasons for it not to function, the config on hub seems just fine, we'd need to inspect the spokes and check (most likely) in debugs if correct group is being sent from spoke.
  Also coexistance of other service-policy etc etc.
  The feature is quite simple (some level of simplification), spoke says he is in group X when registering, hub assigns this NHRP mapping a service-policy.
  M.

• QoS on 3560, 2960 and 3750 does not work (Policy-map).

  Hi
  I am tryng to configure QoS on 3 switches (2960, 3560 and 3750) with this configuration:
  mls qos
  class-map match-all QOS_DATA_CLASS
    match access-group name QOS-DATA
  class-map match-all QOS_DEFAULT_CLASS
    match access-group name QOS-DEFAULT
  class-map match-all QOS_VOICE_CLASS
    match access-group name QOS-VOICE
  class-map match-all QOS_SIGNALING_CLASS
    match access-group name QOS-SIGNALING
  policy-map QOS-SOFTPHONE-POLICY
   class QOS_DEFAULT_CLASS
     set dscp default
   class QOS_SIGNALING_CLASS
     set dscp cs2
   class QOS_DATA_CLASS
     set dscp cs1
   class QOS_VOICE_CLASS
     set dscp cs3
  interface GigabitEthernet0/34
   no switchport
   ip address 10.10.11.1 255.255.255.252
   ip ospf network point-to-point
   priority-queue out 
   service-policy input QOS-SOFTPHONE-POLICY
  interface GigabitEthernet0/47
   switchport access vlan 150
   spanning-tree portfast
   service-policy input QOS-SOFTPHONE-POLICY
  ip access-list extended QOS-DATA
   permit tcp any any eq 22
   permit tcp any any eq 465
   permit tcp any any eq 143
   permit tcp any any eq 993
   permit tcp any any eq 995
   permit tcp any any eq 1914
   permit tcp any any eq ftp
   permit tcp any any eq ftp-data
   permit tcp any any eq smtp
   permit tcp any any eq pop3
  ip access-list extended QOS-DEFAULT
   permit ip any any
  ip access-list extended QOS-SIGNALING
   permit tcp any any range 2000 2002
   permit tcp any any range 5060 5061
   permit udp any any range 5060 5061
  ip access-list extended QOS-VOICE
   permit udp any any range 16384 32767
  but when I check the show commands I see that QoS is not working.
  CoreA#sh policy-map interface g0/34   
   GigabitEthernet0/34 
    Service-policy input: QOS-SOFTPHONE-POLICY
      Class-map: QOS_DEFAULT_CLASS (match-all)
        3 packets, 198 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: access-group name QOS-DEFAULT
      Class-map: QOS_SIGNALING_CLASS (match-all)
        0 packets, 0 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: access-group name QOS-SIGNALING
      Class-map: QOS_DATA_CLASS (match-all)
        0 packets, 0 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: access-group name QOS-DATA
      Class-map: QOS_VOICE_CLASS (match-all)
        0 packets, 0 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: access-group name QOS-VOICE
      Class-map: class-default (match-any)
        0 packets, 0 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: any 
  CoreA#sh policy-map interface g0/47 
   GigabitEthernet0/47 
    Service-policy input: QOS-SOFTPHONE-POLICY
      Class-map: QOS_DEFAULT_CLASS (match-all)
        0 packets, 0 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: access-group name QOS-DEFAULT
      Class-map: QOS_SIGNALING_CLASS (match-all)
        0 packets, 0 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: access-group name QOS-SIGNALING
      Class-map: QOS_DATA_CLASS (match-all)
        0 packets, 0 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: access-group name QOS-DATA
      Class-map: QOS_VOICE_CLASS (match-all)
        0 packets, 0 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: access-group name QOS-VOICE
      Class-map: class-default (match-any)
        0 packets, 0 bytes
        5 minute offered rate 0 bps, drop rate 0 bps
        Match: any 
  What do I do bad?
  The flow is the next:
  Computer with CIPC --------> Switch 2960 or 3560 or 3750 ------------------> switch core ---------------> CIPC
  I have wireshark in a port mirror on switch 2960, 3560 and 3750. In wireshark I always see the packets marked with default label.
  I hope you can help me.
  Regards.

  Try this config:
  policy-map QOS-SOFTPHONE-POLICY
   class QOS_VOICE_CLASS
     set dscp cs3
   class QOS_SIGNALING_CLASS
     set dscp cs2
   class QOS_DATA_CLASS
     set dscp cs1
   class class-default
     set dscp default
  BR

• Map-class frame-relay , policy map

  Does a service-policy output have to be applied to an interface for qos to work?
  here is the config but there is nothing applied to the serial interface..
  Thanks for your help
  policy-map 256/128KVoice
  class 256/128KVoice
  priority 112
  class class-default
  fair-queue
  map-class frame-relay 256/128KVoice
  frame-relay cir 128000
  frame-relay bc 1280
  frame-relay be 600
  frame-relay mincir 128000
  no frame-relay adaptive-shaping
  frame-relay fair-queue
  frame-relay fragment 150
  frame-relay ip rtp priority 16384 16380 210
  interface Serial0/0
  bandwidth 1544
  ip address xxx.xxx.xxx.xxx 255.255.255.255
  ip route-cache flow
  no fair-queue
  service-module t1 timeslots 1-24

  Hello,
  Will QOS will work in this way  where class is put on WAN interface where it should be service  policy.
  router#sh run interface Se0/0/0.1
  Building  configuration...
  Current configuration : 239 bytes
  interface  Serial0/0/0.1 point-to-point
  bandwidth 2048
  ip address XXXX
  ip nat outside
  frame-relay  interface-dlci 555
    class COS-OUT-S0/0/0.1   
  end
  COS-OUT-S0/0/0.1 is defined as policy map  with class of voice and video.
  When checking on WAN int #sh policy-map  interface  Se0/0/0.1 , can see output of service policy input/output with policy map  recpective classes and packets match entries.Is  QOS working with this  configuration?
  Appreciate any input on this.
  Regards,
  Brajesh.

• Regarding policy map

  HI Team,
  If we use the folowing comands for QOS, what is the effect of
     service-policy NIC-QOS-OUT, as i have studied service policy will be applied under physical interfaces. Here policy map has been defined and again it is referred under Parent-QoS-2.5GIG policy map. So please clarify
  policy-map NIC-QoS-OUT
  description #### Common Child Policy ####
    class VIDEO&VOICE-OUT
     police cir percent 20
      priority
    class NICNET-OUT
      bandwidth percent 20
      random-detect dscp-based
    class CONTROL-OUT
      bandwidth percent 10
      random-detect dscp-based
    class INTERNET-SURF-OUT
      bandwidth percent 10
      random-detect dscp-based
    class class-default
      random-detect
  policy-map Parent-QoS-2.5GIG
  description #### Parent QoS Policy for 2.5 GIG Link ####
    class class-default
      shape average 2300000000
     service-policy NIC-QoS-OUT
  policy-map NIC-QOS-OUT
  Thanks in advance,
  Naveen

  The two ASA syslogs you posted were both from an internal host to port 80 on an external host. This would indicate that a sucessful DNS resolution has occured in these two instances.
  If the cause of your problem is bad DNS lookups, you should see evidence in your AIP-SSM event log of the packets being dropped.
  - Bob

• Asking for QoS Advice...

  We're upgrading our network infrastructure. We're currently on a Catalyst 6509 core with 3560's as distribution and access. We're currently running CUCM 10.5. Our phones are primarily 7940's running SCCP.
  We're moving to a Catalyst 6807 with 6800ia FEXes. We'll be replacing the majority of our deskset phones with the Jabber client and Jabra headsets.
  Our current QoS is configured using the 'mls qos' commands and policy-maps in our switches. Someone told me in passing that QoS for Cisco Unified Communications is simplified through "medianet". So the advice I'm looking for...is "medianet" the way we want to go? Or is the 'mls qos' and policy-maps still the way to go? Or is there another preferred option?
  Also would be interested in any documentation on best-practices for QoS with CUCM, Unity, WebEx, UCCX, etc.
  Thanks,
  -Mike

  Hi
  +5 for yosh , just keep in your mind the following medianet technology is used especially for Real time applications as video endpoints when you have a switch which connected to many applications as " voice , data , video ,wireless" different types of traffic . In this we d classification for the traffic , here below a good example for mdianet configuration
  http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Video/qoscampuscat3xxxaag.html
  Cisco medianet is specially for video conference endpoints and can be used for IP phone , jabber , telepresence used for the below:-
  Autoconfiguration: Facilitates the deployment of video endpoints and reduces the ongoing operational costs of managing moves, adds, and changes.After you connect to the switch by "camera , DMP , IP Pone , jabber" it will get automatically VLAN , QOS , location information and security .
  Media Monitoring: Enhances visibility into the network. It helps accelerate troubleshooting, and assess and measure the impact of video, voice, and data applications in the network.
  •Media Awareness: Helps the network to become application and rich-media context aware end to end. The network works together with the video endpoints and applications for optimal QoE for end-users and improved visibility for IT.
  I used medianet configuration on my cisco switches for my cisco DMPs " digital media players" and this medianet allow me to get the above benfits. Just you have to check the version of your IOS if it is support medianet configuration or not. for configuration , please find the below
  http://www.cisco.com/c/en/us/td/docs/solutions/Enterprise/Video/Medianet_Ref_Gd/medianet_ref_gd/chap7.html
  http://www.cisco.com/web/learning/le31/le46/cln/learning_module/autoconfiguration/index.html
  Thanks
  please rate all useful information

• Assign QoS Service Policy via RADIUS to Catalyst 45k/37k?

  hi,
  is there a way to assigen a QoS service policy via Radius to an Caltalyst 4500/3750 Switchport?
  in detail, we would like to assign this policy
      policy-map SET_EF
       class class-default
         set dscp ef
  to an interface. All traffic should be marked with a defined DSCP value.
  This works find when doing it statically with
      interface FastEthernet2/1
           service-policy input SET_EF
  but we would need to assign such a policy via Radius during the 802.1x Authentication. different users should get differnt policies. We use Cisco ACS 5.2 as Radius Server and there actually is a field for
  that in the Authorization Profile Common Tasks Configuration. in detail, this uses the cisco-av-pair "sub-policy-In=<policy name>" attribute to assign a service policy to an NAS.
  we found also two other attributes "sub-qos-policy-in" and "ip:sub-qos-polcy-in" for that. CCO says that "ip:sub-qos-polcy-in" works with Catalyst 65k (http://www.cisco.com/en/US/docs/switches/lan/catalyst6500/ios/12.2SX/configuration/guide/qos.html#wp1926523)
  unfortunately this seems to not work on Catalyst 45k and 37k.
  In the ACS Logs we can see that these attributes are attached to the Radius Reply, but unfortunately they are ignored by the switch.
  it is interesing that when entering "show aaa attributes" on the Catalyst 45k, these attributes are displayd - so for my understanding the switch should understand these attibutes (?)
      4503-E#sh aaa attributes
      AAA ATTRIBUTE LIST:
          Type=1     Name=disc-cause-ext                 Format=Enum
          Type=2     Name=Acct-Status-Type               Format=Enum
      <snip>
          Type=345   Name=sub-policy-In                  Format=String
          Type=346   Name=sub-qos-policy-in              Format=String
          Type=347   Name=sub-policy-Out                 Format=String
          Type=348   Name=sub-qos-policy-out             Format=String
  any input is welcome :-))
  best reagrds

  additionally to this discussion, i've just opened a service request with TAC.
  unfortunately the engineer told me that by now per-User QoS is definitely no supported on this two plattforms but it's listed on the roadmap and will be possibly availabe mid 2012......

• Policy map/ class map/ service policy for IOS xr

  Hi,
  I need to create a policy map and class map/service policy to limit the amount of bandwidth that can be used on one interface both in and out.
  I need the cap for the bandwidth to traverse this circuit to ne 10 Meg.
  the IOS xr version we are using is 4.3.4
  I was hoping someone could help me out by giving me a configuration example I could follow.
  Thank you.

  for instance like this:
  policy-map police-in
  class class-default
  police rate 10 mpbs <optionally set burst>
  policy-map shape-out-parent
  class class-default
  shape 10 mpbs <optional burst config>
  service-policy shape-out-child
  policy-map shape-out-child
  class class-default
  queue-limit 10 packets
  int g 0/0/0/0
  service-policy police-in in
  service-policy shape-out-parent out
  also have a look at CL 2013/2014 (orlando/sanfran) ID 2904 for more QOS details
  and the support forum article of "asr9000 quality of service architecture"
  xander

• QoS Atm subinterface to Internet Policy Map Help

  I have a 40meg connection to the Internet via 7200 router using ATM ubr.  I have been trying to design a Strict priorty for a particular subnet, then a 1 percent Scavenger Class the rest being class default with fair queue and random detect.
  I can build the classes and policy maps yet the service-policy will not allow and inbound or outbound placement on the sub-interface.  Any help on this would be most appreciated.
  Thanks
  Jason

  That's correct, CBWFQ or LLQ is not supported on the PVC configured as UBR ATM class of service because of the nature of UBR service, there is no guarantee that any traffic will get through, the actual traffic rate can be anything.
  Some documentation mention that this is not supported, here is one for 12.4T train:
  "CBWFQ is supported on variable bit rate (VBR) and available bit rate (ABR) ATM connections. It is not supported on unspecified bit rate (UBR) connections."
  http://www.cisco.com/en/US/docs/ios/qos/configuration/guide/congstion_mgmt_oview_ps6441_TSD_Products_Configuration_Guide_Chapter.html#wp1001237
  Regards,
  Raphael

• How do I show ACL hits for ACL's used in policy maps?

  Is there a way to display the hit count against ACL entries when the ACL is used for policy maps, QoS classification etc?
  The manual shows how to do this for an ACL when its attached to an interface. Also there are options for a location, it doesn't match for any of the presented locations, but does give the option for a `word' to be entered.                  

  Hi Michel,
  I have spent some time trying to figure out the syntax for this command, I see how to do it if the ACL is applied to an interface, but not if its used for a policy map or qos policy. Its not clear from the command guide.
  What do I use for location assuming this is the way to do it for this type of ACL? I have a read through the configuration guide, its not clear if I can look at these counters or not.
  Andy

• Show policy-map interface | Question about QOS show command output

  I hope this is the correct place for this question. If not, please let me know.
  When I issue the show policy-map interface command (in this case on a  3845) there is some output I don't understand.  I have included some output below and formatted the lines I am confused about as "computer code" which show up as red on my screen.  A list of the individual lines i'm confused about is below, followed by those liens in the context of the show policy-map command's output.
  Any help with this will be greatly appreciated. Thanks in advance.
  5 minute offered rate 46000 bps, drop rate 0 bps
   5 minute rate 10000 bps
   bandwidth remaining 50% (768 kbps)
  show policy-map interface
  --- previous output omitted ---
  GigabitEthernet0/0
    Service-policy input: QoS_IN
  class-map: Silver (match-any)
        164691299 packets, 23570752398 bytes
        5 minute offered rate 46000 bps, drop rate 0 bps
        Match: access-group name MAINFRAME
          4371992 packets, 2311242335 bytes
          5 minute rate 0 bps
        Match: access-group name KRONOS
          13334297 packets, 3051409140 bytes
          5 minute rate 5000 bps
        Match: access-group name EMAIL
          97652823 packets, 10323856470 bytes
          5 minute rate 10000 bps
        Match: access-group name VOIP-CONTROL
          20782858 packets, 1481676784 bytes
          5 minute rate 0 bps
        Match: access-group name LOGIXWEB
          0 packets, 0 bytes
          5 minute rate 0 bps
        Match: access-group name GRINDLOG
          0 packets, 0 bytes
          5 minute rate 0 bps
        Match: access-group name CITRIX
          46895 packets, 14669179 bytes
          5 minute rate 0 bps
        Match: access-group name CORP_WEB
          28502414 packets, 6387897396 bytes
          5 minute rate 4000 bps
        QoS Set
          dscp af31
            Packets marked 164691269
  show policy-map interface s0/0/0:0
  Serial0/0/0:0
    Service-policy output: QoS_OUT
  --- previous output omitted ---
      Class-map: Silver (match-any)
        86590227 packets, 12051546524 bytes
        5 minute offered rate 3000 bps, drop rate 0 bps
        Match: access-group name MAINFRAME
          7641084 packets, 2701232492 bytes
          5 minute rate 0 bps
        Match: access-group name KRONOS
          6975052 packets, 1555404656 bytes
          5 minute rate 0 bps
        Match: access-group name EMAIL
          58438150 packets, 5433636586 bytes
          5 minute rate 3000 bps
        Match: access-group name VOIP-CONTROL
          355083 packets, 41252455 bytes
          5 minute rate 0 bps
        Match: access-group name LOGIXWEB
          0 packets, 0 bytes
          5 minute rate 0 bps
        Match: access-group name GRINDLOG
          0 packets, 0 bytes
          5 minute rate 0 bps
        Match: access-group name CITRIX
          19 packets, 4967 bytes
          5 minute rate 0 bps
        Match: access-group name CORP_WEB
          13180836 packets, 2320015236 bytes
          5 minute rate 0 bps
        Queueing
        queue limit 64 packets
        (queue depth/total drops/no-buffer drops) 0/18156/0
        (pkts output/bytes output) 86421413/12004278837
        bandwidth remaining 50% (768 kbps)

  this is my configuration
  DGMGRL> show configuration
  Configuration
  Name: matrix
  Enabled: YES
  Protection Mode: MaxPerformance
  Databases:
  stdby1 - Primary database
  stdby2 - Physical standby database
  stdby3 - Physical standby database
  Fast-Start Failover: DISABLED
  Current status for "matrix":
  SUCCESS
  --- this is my first successful switchover -----
  DGMGRL> switchover to stdby2
  Performing switchover NOW, please wait...
  New primary database "stdby2" is opening...
  Operation requires shutdown of instance "stdby1" on database "stdby1"
  Shutting down instance "stdby1"...
  ORA-01109: database not open
  Database dismounted.
  ORACLE instance shut down.
  Operation requires startup of instance "stdby1" on database "stdby1"
  Starting instance "stdby1"...
  ORACLE instance started.
  Database mounted.
  Switchover succeeded, new primary is "stdby2"
  -------------------this is my second switchover -------------
  DGMGRL> switchover to stdby1
  Performing switchover NOW, please wait...
  New primary database "stdby1" is opening...
  Operation requires shutdown of instance "stdby2" on database "stdby2"
  Shutting down instance "stdby2"...
  ORA-01109: database not open
  Database dismounted.
  ORACLE instance shut down.
  Operation requires startup of instance "stdby2" on database "stdby2"
  Starting instance "stdby2"...
  Unable to connect to database
  ORA-12514: TNS:listener does not currently know of service requested in connect descriptor
  Failed.
  You are no longer connected to ORACLE
  Please connect again.
  Unable to start instance "stdby2"
  You must start instance "stdby2" manually
  Switchover succeeded, new primary is "stdby1"
  DGMGRL>
  Edited by: user6981287 on Jan 7, 2010 12:57 AM
  Edited by: user6981287 on Jan 7, 2010 1:00 AM

• Best practice for web servers behind a router (NAT, ACL, policy-map, VLAN)

  Hi,
  I'm a new Network admin, and I have some configuration questions about my installation (see attachment).
  I have 3 web servers behind a router.
  Public interface: 3 public ip adresses
  Private interface: router on a stick config ( 3 sub-interfaces, 3 different networks, 3 VLAN)
  I would to know the best way to redirect http traffic to the right server.
  My idea is to map a public address to a private address, via NAT, but I'm not sure for the configuration.  I could also redirect via Policy-map and filter by url content.
  So if you have some advise for this case, it would be really appreciated.
  Thank you.
  Chris.

  Hello Christophe,
  As I understand you want 1st that ; 
  if somebody go to A.local.com from internet then he will redirect to 192.168.1.10 in your internal network. 
  That means, you need static mapping between your public @ip address and your local ip address. 
  for this example, your local interface is Fa0/0.1 and I dont your public interface because it is not mention in your diagram. I will suppose S0/0 for public interface. 
  that is the config for the Web Server1. You can do the same with the remaining servers:
  interface fa0/0.1 
  ip nat inside
  interface serial0/0
   ip nat outside
  ip nat inside source static 192.168.1.10 172.1.2.3 
  static mapping from local to public. 
  I suppose you have done the dns mapping in your network and the ISP have done the same in his network. 
  ip route 171.1.2.3 interface serial0/0 
  or 
  ip route 0.0.0.0 0.0.0.0 interface serial0/0. 
  After these step for each web server, you will get the mapping. 
  Now you can restrict access to this ip only to http or https protocol on your isp and after on your local network 
  like
  ip access-list extended ACL_WebServer1
  permit ip any 192.168.1.10 eq www
  deny ip any 192.168.1.10
  exit
  interface fa0/0.1
   ip acess-group ACL_WebServer1 in
  no shut
  exit
  That is the first step. 
  Second step : you want to filter traffic by url, that means layer 5 to 7 filtering. 
  I am not sure that it is possible using cisco router with (ZBF + Regex).
  Check the first step and let us know ! 
  Please rate and mark as correct if it is the case. 
  Regards,

• QoS - Create class-map while inside policy-map

  The cisco training notes for CME claim you can create a non-existant class-map while in the policy-map. Here is the what the notes say
  router(config-pmap)#class class-map-name condition
  ? Optionally you can define a new class-map by entering the condition after the name of the new class map
  Does this work

  If my memory serves me, it was on a 7206VXR running a 12.3 cut. Also, I do recall that the '?' will not present this as an option but it still works...
  Paresh.

• How to map accounts for RCA, CLS, IRV and PPV  account titles??

  Hi,
  We are on 11.5.9 and using PMAC costing.
  While mapping for CLS, RCA, IRV, PPV account titles, I am getting confused to what accounts should i have to map these a/c titles :( I understand why those accounts are generated but somehow, am unable to find out the way to map them..
  I have gone thru Metalink and user guides but there doesn't seem to be any clue for it.
  Pl help me out.
  Rgds,

  Hi MAK,
  Usually, RCA and CLS accounting titles are mapped to Production Batch Transactions. CLS is used to map Batch Closure Variance, amount required to clear WIP account. Typical reasons for non-zero closing variances are:
  * Batch Release and Certification in different cost periods
  * With PMAC, the average costs include the period end balance, which may create a variance.
  RCA (Resource Control Account) represents the value of Resources (Direct / Indirect Labor etc.), burden cost allocated to the Production batch. MAC subledger accounting user guide provide in-depth documentation on these accounting titles.
  Regards,
  Sanjeev

• Created a user account for my daughter but itunes will not open, just says something about digital signature policy

  Hi there, newbie here. Wondered if anyone can help, opened another user account for daughter on windows 64, and when we tried to open itunes a message came up saying it could not open because of digital signature policy, when i go back to my user it opens ok.
  Could anyone help.
  Cheers

  am not prepared to enter my credit card also on her account application.
  You can enter it on the registration page then delete it immediately after you complete the registration.
  If I purchase a iTunes card with some credit, can I open the account for her just with the code?
  If you wish. Instead of going to Create new accout, go to Redeem on the main iTunes store screen, enter the code, then select *Create new account*.
  What will happen if the credit on the card gets to zero?
  She will not be able to make a purchase until another gift card is entered or a CC is linked to the account.