05-19-2010 09:20 AM - edited 03-06-2019 11:10 AM
Hi.
Somebody knows if there is a problem with the 3560E doing the policy base marking or I am doing something bad in the following configuration:
=====8021q======>(marking and PBR------VLAN INTERFACE-------)>=======PORT-CHANNEL3=========>
TENGIGA 0/1--------->----------------SW 3560E---------------------------->----------------PORT-CHANNEL(giga ethernet interfaces----------
policy-map DSCP_VLAN_3602
class class-default
set dscp af21
!
interface TenGigabitEthernet0/1
switchport trunk encapsulation dot1q
switchport trunk native vlan 3
switchport trunk allowed vlan 3602,3603
switchport mode trunk
mls qos vlan-based
!
interface Port-channel3
description ### Data-Grid ###
no switchport
ip address 192.168.3.2 255.255.255.0
load-interval 30
delay 100
keepalive 1
!
interface Vlan3602
ip address 172.21.50.10 255.255.255.252
ip policy route-map TO_GRID_1_from_Suba
service-policy input DSCP_VLAN_3602
!
route-map TO_GRID_1_from_Suba permit 10
match ip address ANY_TCP
set ip next-hop 192.168.3.1
!
ip access-list extended ANY_TCP
permit tcp any any
I see not matches on the show policy-map interfaces and I dont see matches in an access list I configure out the Portchannel doing match to DSCP af21 so I can say that no mark is working, but downstream the packets are using the marck (AF21) to do another PBR and it seem it is working fine ( because the trafic is reaching the destination). So What are not seeing nothing marked here? 3560 have any problem with the statistics?
Thanks
Solved! Go to Solution.
05-19-2010 10:25 AM
p.diaz wrote:
Hi.
Somebody knows if there is a problem with the 3560E doing the policy base marking or I am doing something bad in the following configuration:
I see not matches on the show policy-map interfaces and I dont see matches in an access list I configure out the Portchannel doing match to DSCP af21 so I can say that no mark is working, but downstream the packets are using the marck (AF21) to do another PBR and it seem it is working fine ( because the trafic is reaching the destination). So What are not seeing nothing marked here? 3560 have any problem with the statistics?
Thanks
This is a well known limitation with the 3560 and 3750 switches. Because the packets are switched in hardware the 3560 switch does not keep acl or QOS policy map counters.
The best you can do on these switches is "sh mls qos interface
If you are happy that the packets are actually being marked correctly then it is nothing to worry about.
Jon
05-19-2010 10:25 AM
p.diaz wrote:
Hi.
Somebody knows if there is a problem with the 3560E doing the policy base marking or I am doing something bad in the following configuration:
I see not matches on the show policy-map interfaces and I dont see matches in an access list I configure out the Portchannel doing match to DSCP af21 so I can say that no mark is working, but downstream the packets are using the marck (AF21) to do another PBR and it seem it is working fine ( because the trafic is reaching the destination). So What are not seeing nothing marked here? 3560 have any problem with the statistics?
Thanks
This is a well known limitation with the 3560 and 3750 switches. Because the packets are switched in hardware the 3560 switch does not keep acl or QOS policy map counters.
The best you can do on these switches is "sh mls qos interface
If you are happy that the packets are actually being marked correctly then it is nothing to worry about.
Jon
05-19-2010 11:31 AM
Very Good. Or need to say Very bad?
You cleared me
Thank you very much.
Discover and save your favorite ideas. Come back to expert answers, step-by-step guides, recent topics, and more.
New here? Get started with these tips. How to use Community New member guide