C3750 and policy maps

Answered Question
Jun 17th, 2010

Hello group,

I am attempting to attach an input service-policy to a gigabit interface on a 3750G running 12.2(44)SE1. This is to watch for and mark signaling traffic for our DNS solution. My commands are as follows:

ip access-list extended SXDMS-DMM1-Signaling
permit tcp host 10.199.0.10 any eq 7777
!
class-map match-any SXDMS-DMM1-Signaling-cmap
match access-group name SXDMS-DMM1-Signaling
!
policy-map QoS-Policy-Cisco-DMS
class SXDMS-DMM1-Signaling-cmap
  set dscp cs3
!
interface GigabitEthernet1/0/31
service-policy input QoS-Policy-Cisco-DMS
!
interface GigabitEthernet2/0/31
service-policy input QoS-Policy-Cisco-DMS

Which I believe is ok, but when I go to look at the policy-map on either interface, I don't see any matches at all:

sho policy-map int gi1/0/31
GigabitEthernet1/0/31

  Service-policy input: QoS-Policy-Cisco-DMS

    Class-map: SXDMS-DMM1-Signaling-cmap (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: access-group name SXDMS-DMM1-Signaling
        0 packets, 0 bytes
        5 minute rate 0 bps

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
        0 packets, 0 bytes
        5 minute rate 0 bps
SWITCH1(config-ext-nacl)#do sho policy-map int gi2/0/31
GigabitEthernet2/0/31

  Service-policy input: QoS-Policy-Cisco-DMS

    Class-map: SXDMS-DMM1-Signaling-cmap (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: access-group name SXDMS-DMM1-Signaling
        0 packets, 0 bytes
        5 minute rate 0 bps

    Class-map: class-default (match-any)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: any
        0 packets, 0 bytes
        5 minute rate 0 bps
SWITCH1(config-ext-nacl)#

I even tried dropping in a permit ip any any on the ACL and still no matches!

Is there something that I am doing wrong?

Thanks,

AJ Schroeder

I have this problem too.
0 votes
Correct Answer by djh278778 about 6 years 5 months ago
  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (1 ratings)
Loading.
TODD RIEMENSCHNEIDER Thu, 06/17/2010 - 17:57

Out of curiousity are these interfaces you are applying the configuration to switchports or routed ports? Just wondering how the interface is set up.

-Todd

AJ Schroeder Fri, 06/18/2010 - 10:07

These are just access ports (switchports) that are the uplinks for the Windows media server.

AJ

TODD RIEMENSCHNEIDER Fri, 06/18/2010 - 11:21

AJ,

I wonder if you applied your policy map to the vlan SVI thats doing the routing if you would have any more luck seeing the traffic. I do not see anything glaringly obvious with your config that would explain your issue.  Should you decide to apply it to the SVI you need to add 'mls qos vlan based' to the physical interfaces.

http://www.cisco.com/en/US/docs/switches/lan/catalyst3750/software/release/12.2_44_se/configuration/guide/swqos.html

Good luck

-Todd

AJ Schroeder Mon, 06/21/2010 - 06:17

Todd,

Thanks for the responses so far. Here's another interesting thing - I recently put auto qos voip cisco-phone on a 3560 and it creates policy-maps as well and applies them to physical interfaces, and I don't see any matches there either. One of the ports that the policy map is applied to has a Cisco phone attached directly to it. That 3560 is running 12.2(53)SE2.

In any case, I'll try and put the policy map on the SVI and we can see what happens from there.

Thanks,

AJ

AJ Schroeder Wed, 06/23/2010 - 06:13

Todd,

FYI that I tried your suggestion about applying the policy map to the SVI and using 'mls qos vlan-based' on the physical interfaces and that did not solve the issue. This wouldn't have to do with traffic being hardware switched vs. hitting the CPU?

At any rate, I am going to open a TAC case on this problem and post the outcome of that.

Thanks,

AJ

AJ Schroeder Mon, 06/28/2010 - 08:25

That is what is happening! I took a sniff from another network segment and the packets are being marked as expected. Quite unexpected!

Thank you all for the help/suggestions,

AJ

Actions

This Discussion