
QoS question

octroncisco
Level 1

Hi,

I want to implement QoS in our network but I have a question. I've read that for non-IP traffic I have to perform the classification based on a configured Layer 2 MAC ACL. What does it mean? I need to mark the DSCP value in the access layer switches based on the destination IP and TCP port. Is this possible, or do I have to mark the DSCP based on the MAC addresses?

Our access and distribution layers are 3750 switches, inter-vlan routing is performed in the distribution layer.

Thanks in advance

6 Replies

Giuseppe Larosa
Hall of Fame

Hello Blai,

Because you want to mark based on destination IP and TCP port, you can use an IP ACL to define the traffic to be marked:

access-list 101 permit tcp 10.10.10.0 0.0.0.255 10.100.200.0 0.0.0.255 eq 80

class-map web-traffic

match access-group 101

policy-map mark-traffic

class web-traffic

set dscp af21

Then you can apply this inbound on the physical port receiving the traffic:

int gix/y

service-policy input mark-traffic

Or you can think about implementing marking and policing at the SVI, but I see that is not your case, as the device is an L2 access switch.

See:

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_46_se/configuration/guide/swqos.html#wp1730425

So no problems: your traffic is IP based and is handled by modular QoS.

You may need some thinking if you also want to limit traffic, but if you just want to mark, the example is fine.

Hope to help

Giuseppe

Thanks for the answer, Giuseppe. But is the traffic considered IP based in the access switches? The routing is performed in the distribution layer. I'm confused by the definition of "IP traffic" and "non-IP traffic" in the configuration guide. The guide says: "You can classify IP traffic by using IP standard or IP extended ACLs; you can classify non-IP traffic by using Layer 2 MAC ACLs."

Hello Blai,

You don't have an SVI and you can apply the service policy to physical interfaces, but the switch is still a multilayer switch and is able to classify IP traffic.

A possible workaround to be sure to be in multilayer mode can be:

enable ip routing

and just configure a default static route

ip route 0.0.0.0 0.0.0.0 gw

It should work; you don't need an L3 access layer to perform marking based on IPv4 or TCP ports.

I would try with no changes to your config (even with ip routing disabled, if it is).

Hope to help

Giuseppe

I'll try it. Thank you very much Giuseppe.

The term IP traffic means the traffic which uses the IP (Internet Protocol) protocol suite. The term non-IP traffic means the traffic which uses all other protocols, like DECNET/VINES, other than IP.

Thank you for the explanation.
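
The IP versus non-IP decision discussed in this thread, as an added Python example that is not from any poster or from Cisco: it shows that a frame counts as IP traffic because of its EtherType, not because the switch routes it, and then applies the wildcard-mask match of access-list 101. Function names, MAC addresses and sample frames are constructed; it assumes untagged Ethernet II frames and models only the match logic, not the switch itself.

```python
import ipaddress
import struct

ETHERTYPE_IPV4 = 0x0800
ETHERTYPE_DECNET = 0x6003   # DECnet Phase IV, a non-IP protocol
PROTO_TCP = 6

def wildcard_match(addr, base, wildcard):
    """Cisco wildcard mask: 1 bits are ignored, 0 bits must equal the base."""
    a, b, w = (int(ipaddress.IPv4Address(x)) for x in (addr, base, wildcard))
    return ((a ^ b) & ~w & 0xFFFFFFFF) == 0

def classify(frame):
    """Classify one untagged Ethernet II frame against the thread's policy."""
    (ethertype,) = struct.unpack("!H", frame[12:14])
    if ethertype != ETHERTYPE_IPV4:
        return "non-ip"                      # only a Layer 2 MAC ACL can match this
    ip = frame[14:]
    if ip[9] != PROTO_TCP:
        return "ip-no-match"
    ihl = (ip[0] & 0x0F) * 4                 # IP header length in bytes
    (dport,) = struct.unpack("!H", ip[ihl + 2:ihl + 4])
    # access-list 101 permit tcp 10.10.10.0 0.0.0.255 10.100.200.0 0.0.0.255 eq 80
    if (wildcard_match(ip[12:16], "10.10.10.0", "0.0.0.255")
            and wildcard_match(ip[16:20], "10.100.200.0", "0.0.0.255")
            and dport == 80):
        return "set dscp af21"
    return "ip-no-match"

def ethernet(ethertype, payload):
    """Constructed frame: made-up MAC addresses, no 802.1Q tag."""
    macs = bytes.fromhex("000200000001" "000100000001")
    return macs + struct.pack("!H", ethertype) + payload

def tcp_packet(src, dst, dport):
    """Constructed IPv4 + TCP headers (checksums left at zero)."""
    ip = struct.pack("!BBHHHBBH4s4s", 0x45, 0, 40, 0, 0, 64, PROTO_TCP, 0,
                     ipaddress.IPv4Address(src).packed,
                     ipaddress.IPv4Address(dst).packed)
    tcp = struct.pack("!HHIIBBHHH", 40000, dport, 0, 0, 0x50, 0x02, 8192, 0, 0)
    return ip + tcp

if __name__ == "__main__":
    web = ethernet(ETHERTYPE_IPV4, tcp_packet("10.10.10.5", "10.100.200.9", 80))
    decnet = ethernet(ETHERTYPE_DECNET, b"\x00" * 46)
    print(classify(web), "|", classify(decnet))
```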
