03-19-2008 06:27 AM - edited 03-05-2019 09:50 PM
Hello to all, is possible that packet could no be marked inbound fa0/0
For example
(R1)s0/0/0 <--> s0/0/0 (R2)
(R1)s0/1/0 <--> s0/1/0 (R2)
Two routers connected through two serial interface in load sharing per packet.
this is the conf for R2:
class-map match-all HTTP
match protocol http
class-map match-all DSCP-AF33
match ip dscp af33
policy-map HTTP
class HTTP
set ip dscp af33
policy-map DSCP-AF33
class DSCP-AF33
interface FastEthernet0/0
service-policy input HTTP
----
R3
class-map match-all DSCP-AF33
match ip dscp af33
policy-map DSCP-AF33
class DSCP-AF33
interface Serial4/5:0
service-policy input DSCP-AF33
interface Serial5/6:0
service-policy input DSCP-AF33
--------------------------
--------------------------
show in R2
----------
FastEthernet0/0
Service-policy input: HTTP
Class-map: HTTP (match-all)
30963 packets, 6113447 bytes
30 second offered rate 41000 bps, drop rate 0 bps
Match: protocol http
QoS Set
dscp af33
Packets marked 30963
Class-map: class-default (match-any)
355690 packets, 263701909 bytes
30 second offered rate 160000 bps, drop rate 0 bps
Match: any
The packet seems to be market as them enter the f0/0
On R1
-----
Serial0/0:0
Service-policy input: DSCP-AF33
Class-map: DSCP-AF33 (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps
Match: ip dscp af33
Serial0/1:0
Service-policy input: DSCP-AF33
Class-map: DSCP-AF33 (match-all)
0 packets, 0 bytes
30 second offered rate 0 bps
Match: ip dscp af33
Now if I put the marking out (instead in of the f0/0) of the serials of R2
R2
interface Serial0/0/0
service-policy output HTTP
interface Serial0/1/0
service-policy output HTTP
After a Clear counters you will see on Router R1:
Serial0/0:0
Service-policy input: DSCP-AF33
Class-map: DSCP-AF33 (match-all)
18 packets, 4781 bytes
30 second offered rate 0 bps
Match: ip dscp af33
Class-map: class-default (match-any)
2962 packets, 404307 bytes
30 second offered rate 60000 bps, drop rate 0 bps
Match: any
Serial0/1:0
Service-policy input: DSCP-AF33
Class-map: DSCP-AF33 (match-all)
20 packets, 4495 bytes
30 second offered rate 0 bps
Match: ip dscp af33
Class-map: class-default (match-any)
3251 packets, 451178 bytes
30 second offered rate 63000 bps, drop rate 0 bps
Match: any
Why marking is not working when I apply it inbound of the f0/0 ?.....
Best Regards!
03-19-2008 07:26 AM
Are these routers connected together through a switch that is, itself, running mls qos? If so, have you put mls qos trust dscp on the router ports? If you don't, then the switch will strip the DSCP.
(Unless I have misunderstood the architecture, in which case I apologise, and could you sketch it out please. I'm not clear where R3 fits in.)
Kevin Dorrell
Luxembourg
03-19-2008 08:32 AM
Two routers connected through two serial interface in load sharing per packet.
Sorry I made a mistake when cutting and pasting :)
---------WRONG------------
R3
class-map match-all DSCP-AF33
match ip dscp af33
policy-map DSCP-AF33
class DSCP-AF33
interface Serial4/5:0
service-policy input DSCP-AF33
interface Serial5/6:0
service-policy input DSCP-AF33
-----------END-----------------
----------CORRECT------------
R1
class-map match-all DSCP-AF33
match ip dscp af33
policy-map DSCP-AF33
class DSCP-AF33
interface Serial0/0/0
service-policy input DSCP-AF33
interface Serial0/1/0
service-policy input DSCP-AF33
----------------------------
03-19-2008 01:27 PM
Hello,
when you use match protocol http you are actually using NBAR (Network Based Application Recognition)
depending on the IOS version to have NBAR to work correctly you need to enable NBAR protocol discovery on the interface.
see for example:
you can do it using :
interface type number [name-tag]
ip nbar protocol-discovery
Hope to help
Giuseppe
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: