Marking problem DSCP bits on Cat 6500 with native IOS

Unanswered Question
Apr 17th, 2009
User Badges:

Hi,

I'd like to mark incoming UDP packets with DSCP values on a 6509 with Sup720 3BXL. Incomming interface is a WS-X6748-GE-TX


What I did is

---------

mls qos


class-map match-any UDPKRAM

match access-group 100


policy-map UDPKRAM_AF21

class UDPKRAM

set ip dscp af21


access-list 100 permit udp any any


Interface of the incoming UDP packets:

service-policy input UDPKRAM_AF21


R4# sh mls qos ip gi3/3

[In] Policy map is UDPKRAM_AF21 [Out] Default.

QoS Summary [IPv4]: (* - shared aggregates, Mod - switch module)


Int Mod Dir Class-map DSCP Agg Trust Fl AgForward-By AgPoliced-By

Id Id

-----------------------------------------------------------------------------------

Gi3/3 5 In UDPKRAM 18 2 No 0 88192 0


------------------------------------


The problem is, the DSCP value of outgoing packets is 0, i can't see marked packets, not in wireshark on the outgoing line and not at the next hop. Any ideas where the marking is lost?

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 0 (0 ratings)
Loading.
Jon Marshall Fri, 04/17/2009 - 02:11
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Can you post


1) The full interface configuration of the interface that you have applied the policy map


2) The cos-to-DSCP map, the DSCP-cos map and the DSCP mutation map


Jon

c-naumann Fri, 04/17/2009 - 02:18
User Badges:

I can :-)


---

interface GigabitEthernet3/3

description Link zum VMware FTP

ip address 10.9.4.5 255.255.255.252

load-interval 30

no cdp enable

no mop enabled

service-policy input UDPKRAM_AF21

end


---


Cos-dscp map:

cos: 0 1 2 3 4 5 6 7

------------------------------------

dscp: 0 8 16 24 32 40 48 56


---


Dscp-cos map: (dscp= d1d2)

d1 : d2 0 1 2 3 4 5 6 7 8 9

-------------------------------------

0 : 00 00 00 00 00 00 00 00 01 01

1 : 01 01 01 01 01 01 02 02 02 02

2 : 02 02 02 02 03 03 03 03 03 03

3 : 03 03 04 04 04 04 04 04 04 04

4 : 05 05 05 05 05 05 05 05 06 06

5 : 06 06 06 06 06 06 07 07 07 07

6 : 07 07 07 07


---


and there is no mutation map. Hope that helps


Carsten

Jon Marshall Fri, 04/17/2009 - 03:33
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Carsten


If you want to preserve the DSCP setting in your packets you need to enable this globally on your switch


6500(config)# no mls qos rewrite ip dscp


Jon

c-naumann Fri, 04/17/2009 - 04:47
User Badges:

Hey Jon,

the main target is not to keep only the DSCP bits. It is:


Mark "clean" pakets on the incomming port, route them, and get the marked pakets on the outgoing port.


Keeping the dscp bits works, but not marking then in the incomming linecard.


To disable ip dscp rewriting hasn't changed anything on that :-/


other suggestions?


thanks Carsten

Jon Marshall Fri, 04/17/2009 - 05:36
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Carsten


Sorry but just to clarify.


You want packets arrving on gi3/5 interface to have a DSCP marking of AF21.

If the packet already has a DSCP marking do you want to replace it with AF21 or keep the marking.

What about packets that do not match your acl ie. no UDP packets.


You want packets that have entered on gi3/5 and been marked to AF21 to keep that marking when exiting any other interface on the switch ?


The next hop ? what is the port on the 6500 that is used to forward on the traffic configured as ?


What version of software are you running ?


Jon


c-naumann Fri, 04/17/2009 - 06:02
User Badges:

I want that any udp packets arriving at gi3/3 get DSCP AF21, all others (that do not match the acl) should not be touched.


Yes the marking should be kept when exiting any other interface. The port that forwards traffic is gi 5/1


---

interface GigabitEthernet5/1

ip address 10.7.2.2 255.255.255.252

mpls traffic-eng tunnels

mpls ip

ip rsvp bandwidth 75000 sub-pool 30000

end

---


I'm running Version 12.2(33)SXI Adv-Ent


and the core problem is that I'm confused why the counters in the policy map are rising while no marked packets are leaving the Catalyst ;-)


Carsten


Actions

This Discussion