Strange issue with Outgoing access-list and QoS

Unanswered Question
Aug 1st, 2008
User Badges:

Hi all

I have the following issue, which I guess may be due to my IOS version.

IOS (tm) 3700 Software (C3745-IK9S-M), Version 12.3(6b), RELEASE SOFTWARE (fc1)

When I apply an outgoing access-list to an interface, my QoS shaping ceases to function. When I remove the access-list the QoS shaping kicks in.

In this version of IOS are security access-lists and QoS shaping mutually exclusive? or do I need to configure additional paramaters.

Any ideas?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
paris2london Fri, 08/01/2008 - 05:30
User Badges:

Thanks for that.

I read the article, and the output ACL is processed before QoS.

My outgoing access-list has the 'reflect' option and is not processed, when I remove the 'relect' option, QoS kicks in.

Any ideas.

tdrais Fri, 08/01/2008 - 09:08
User Badges:
  • Blue, 1500 points or more

This is strange since reflexive acl modify the incoming access list and should not really affect the outbound traffic.

Sounds like a bug but its been a while since I used reflexive access lists. I generally use CBAC but you need the firewall feature set to do that.

This one sounds like a good case to call the TAC if you have a service agreement.


This Discussion