09-11-2008 10:10 AM - edited 03-06-2019 01:19 AM
Hi all
I have following setup
CPE==ALCATEL==7609==Core
ALcatel box is acting as pure L2 switch carrying VLANs from CPE, I then trunk from ALcatel to 7609 where I terminate each VLAN in SVI.
I expect Alcatel switch to remark inbound CPE traffic. however, only COS bit is remarked. when packets hits the 7609 and tag is stripped off remarking by Alcatel has obviously no effect.
if I was using a Cisco instead of ALcatel, een as L2 I woudl expect COS bit to eb copied to DSCP bit.
I would hate to remark on 7609 ( distribution layer). does anyone have any recommendations ?
TIA
Sam
Solved! Go to Solution.
09-13-2008 11:53 PM
Assuming the Alcatel marks/trusts by default, and you are trunking on the 7609 (sounds like you are since you mentioned it terminates at an SVI), then you should only need to trust CoS on the trunk port going to the Alcatel.
In hardware when the 802.1Q tag is stripped off all the information is copied to a header internal to the switch, including the CoS marking. If we trust CoS and there is a CoS marking, we'll write in the appropriate DSCP in the IP header as per the CoS-to-DSCP mapping.
-Ryan
09-13-2008 06:20 PM
hi sam
ur problem is the cos marking going to a layer three device without being maped to dscp then get droped i mean the marking
try this policy map
on the inbound direction of ur router interface or SVI
policy-map LAN-EDGE-IN
class class-default
set cos dscp
then apply it in the input direction
if didnt work
u need to match the traffic coming from the ALcatel by calss maps using match protocol or access-list with port number then remark them to dscp using an input policy map in the inbound direction
try and let me know
good luck
if helpful Rate
09-13-2008 11:51 PM
Hi Marwan
Thanks for the reply!
I know exactly what the problem is and what the fix is. however as I said in my initial post, it is not best practice to remark at distribution layer (where my 7609 is).
I was hoping to get some feedback on what is next best, such as:
1-insert a L2/L3 switch between Alcatel and 7609 to act as a second layer access and then yes we can remark as u suggested inbound. not just on Default traffic but 3 services matching ACLs.
2-use intelligent CPE's which is Diffserv aware and can mark at source. Nice solution as no load will be put on edge devices but as well know anything sitting at customer premises should be treated as untrusted.
Thanks for ur input taking time to reply
Sam
09-13-2008 11:53 PM
Assuming the Alcatel marks/trusts by default, and you are trunking on the 7609 (sounds like you are since you mentioned it terminates at an SVI), then you should only need to trust CoS on the trunk port going to the Alcatel.
In hardware when the 802.1Q tag is stripped off all the information is copied to a header internal to the switch, including the CoS marking. If we trust CoS and there is a CoS marking, we'll write in the appropriate DSCP in the IP header as per the CoS-to-DSCP mapping.
-Ryan
09-14-2008 01:20 AM
i agree with Ryan 100% and i am sure Sam aware about this concept but is the 7609 capable to trust on L2 cos and dose it has the builtin mapin from cos-to-dscp and vice versa as with CAT switches !!!
if not i woul suggest to add a cisco switch and connect the switch to the 7609 and make this uplink to trust dscp and the link to the Alcatel trust cos and dont forget to mak this simple change to the defualt maping in the switch:
mls qos map cos-dscp 0 8 16 24 32 46 48 56
this Maps CoS 5 to EF
good luck
09-14-2008 01:26 AM
Thanks both for replies !
I think I have a good shot with Ryan's reply. I am as we speak going thru H/W Vs QOS capabilities of 7609...each card behaves differently, but I think the re-write of COS to "Internal" DSCP is there.
I will test and feedback.
Many thanks
Sam
09-14-2008 03:05 AM
Thanks Ryan !
"mls qos trust cos" does exactely what is says on the tin !
Sam
09-14-2008 01:34 PM
Pleasure to help. :)
For future reference, as far as the layer-2 features on the 7600 are concerned, it is in most ways identical to configuring a 6500.
-Ryan
Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community: