NBAR problem - packet marking

Unanswered Question
Mar 5th, 2008
User Badges:

Hi everyone

I am using NBAR on my 7206VXR box to mark RTP stream to DSCP EF and SIP to CS3. Marking of SIP to CS3 works fine, but I got problem with RTP marking. Sometimes output packet are NOT marked, altough the output of policy-map applied on the interface says something different:

Service-policy output: QoS-LAN-OUT

Class-map: RTP-NBAR (match-any)

7039646 packets, 2379635593 bytes

5 minute offered rate 87000 bps, drop rate 0 bps

Match: protocol rtp

7039646 packets, 2379635593 bytes

5 minute rate 87000 bps

QoS Set

dscp ef

Packets marked 7039646


Strict Priority

Output Queue: Conversation 264

Bandwidth 1000 (kbps) Burst 25000 (Bytes)

(pkts matched/bytes matched) 1002/344274

(total drops/bytes drops) 0/0

I use wireshark analyzer on output interface of router to verify this. I cann't find anything, what could explain why it is working sometimes, and sometimes not. Could it be IOS bug? Using 12.4(5a) right now.

Config of class and policy map is as simple as that (suppose the problem is not in configuration):

class-map match-any RTP-NBAR

match protocol rtp

policy-map QoS-LAN-OUT

class RTP-NBAR

set ip dscp ef

Any suggestions?

Best regards,


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Joseph W. Doherty Tue, 03/11/2008 - 08:22
User Badges:
  • Super Bronze, 10000 points or more

Your stats do seem to indicate that your QoS policy is matching and marking something. Of course, from the stats we can't tell whether it's being done correctly.

If possible, I would first try upgrading to the lastest IOS in your version. If the problem still present, perhaps time to contact TAC.


This Discussion