MLS QOS rewriting EF DSCP packet

Unanswered Question
Mar 3rd, 2009
User Badges:


I have configured the Qos on my Core switch (C3750E Software (C3750E-UNIVERSALK9-M), Version 12.2(44)SE1) and I have notified that when MLS QOS is activate on the Core then it's not possible to match EF DSCP packet on my input policyp-map located on my WAN Router.

But when I remove the MLS QOS then I can match the EF DSCP packets, why ?

Thanks in advance for your helps ;)


  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
ogor Tue, 03/03/2009 - 07:06
User Badges:

#sh mls qos

QoS is enabled

QoS ip packet dscp rewrite is enabled


ogor Tue, 03/03/2009 - 07:05
User Badges:

it's ok I have forget to specify 'mls qos trust dscp" on my CCME LAN interface in that way all the flows were tagged to DSCP 0




Good - BUT remember if you are also running QoS on your LAN and you are dependant on the layer 2 marking - trusing DSCP will re-write the COS value.

So trusting the DSCP will work, but if you also want to be able to QoS on the WAN using the DSCP - then in your core I suggest you disable DSCP rewrite:-

"no mls qos rewrite ip dscp"

This way the Layer 2 marking is kept in tact AND the layer 3 marking in the IP header is ALSO intact.


ogor Tue, 03/03/2009 - 07:56
User Badges:


Yes you're right but I prefer to be sure of what is with DSCP set at 0 and DSCP at EF/CS3 (ie for ToIP).

For example, if an admin server is modifing his TCP/IP server stack to set the data to DSCP EF with the "no mls qos rewrite ip dscp" command I will not rewrite the DSCP to 0 and can have some problems further on my WAN ;)

In the other way, even if the Server's DSCP field is set to EF I will rewrite with my Core switch the DSCP field to 0 and no more congestion in the voice class on the WAN.

see u



OK - but that was not the issue you were seeing, because you were rewriting the DSCP value, you were not matching on your policy on the WAN router. You were looking for the DSCP value in the IP header in the WAN to already be set to EF.

Perhaps you should just mark the traffic on the in-bound interface of your WAN router, and prioritise on the outbound interface connected to your WAN circuit.



This Discussion