qos class-map marking issue

Answered Question
Aug 6th, 2010
User Badges:

Hello expert,


I have a hub and spoke enviroment using all cisco 2811 routers.

I am currently working on qos.

I have apply class -maps and policy-map  on one router close to the source as per best practice.

I went to second router and configure qos, i tried to use class-map match dscp21 etc ---- since i do not want to remark packets

previously marked at the source.

The problem is that when i check the second router using the sh policy-map int I am only see all the packets being queued under class-default

which suggest that the match dscp21 etc is not working.


Is there a something missing do i have to issue some command etc to allow the other sister routers to trust the orginal marking.


Attached are two file for clarification


Regards

Correct Answer by Collin Clark about 6 years 9 months ago

Yup, exactly what Jon posted.


Geez Jon the notification email and your response came in at the same time. You're now faster than email.

Correct Answer by Jon Marshall about 6 years 9 months ago

1) You need to enable QOS globally on the switch ie.


2960(config)# mls qos


2) the "mls qos trust dscp" command is an interface command not a global config command so if you need to apply it at the interface level eg.


2960(config)# int gi0/1

2960(config-if)# mls qos trust dscp


Jon

  • 1
  • 2
  • 3
  • 4
  • 5
Overall Rating: 5 (3 ratings)
Loading.
Collin Clark Mon, 08/09/2010 - 12:41
User Badges:
  • Purple, 4500 points or more

A couple of things to keep in mind. 1. Packets are only placed into your configured queues when the tx ring is full. If the interface is not congested packets will not go into the queues you have setup, they will go into the default queue. 2. It looks like your applying QoS to an internet link. If so, keep in mind that some Service Providers strip the CoS values from your packets.


Hope it helps.

jomo frank Mon, 08/09/2010 - 13:19
User Badges:

Hello Collin,


>> Packets are only placed into your configured queues when the tx ring is full. If the interface is not congested packets will not go into the queues you have setup, they will go into the default queue


While awaiting your response I  removed the class mappings as per attactment and created new class mappings.


And the respective queues where populated as per mapping


See attachment.


>> It looks like your applying QoS to an internet link. If so, keep in mind that some Service Providers strip the CoS values from your packets.


Sorry for the misleading naming of the policy-map this policy is actual link to the lan interface of the second router as the aim is just see if the


mapping created on Router1 will remain the same when they hit Router 2.


I am trying to let one Router do all the inpection and marking of the packets and the other routers just accept the mark packets.


Regards

relsethagen Mon, 08/09/2010 - 20:33
User Badges:

If you are marking on router 1 and router 2's Ethernet is in the path of that marked traffic it should show up and match your policy coming into router 2, but It doesn't appear to. my first guess is that your LAN switch is remarking it. If your LAN switch is a 2950 or a 2960/3560/3750 with qos enabled you will have to make sure the ports you have your routers attached to are set to trust dscp on the switch.

jomo frank Tue, 08/10/2010 - 05:40
User Badges:

Hello Colin,


My Lan switch may be the problem I have 2960 series at all locations.


But did not set the respective ports that the router is connected to trust dscp.


Colin, if i do not want to trouble my switch will I have to  setup  class markings on all my routers?


Regards


Jomo

Collin Clark Tue, 08/10/2010 - 06:11
User Badges:
  • Purple, 4500 points or more

Best practices is exactly what relsethagen stated, use the trust feature under the LAN switch interface. Always mark as close to the source as possible and trust the marking for as far as possible. The router will have to write to COS. Yes you can setup it marking on the router, but remember that QoS in switches is done in hardware asics and QoS in routers is done by CPU/software. It's much more efficient to perform QoS in switches than it is in routers.


mls qos trust dscp


If you want it really easy, enable auto qos on your devices. You will then need to add the command below instead of the one above (you can have both with no ill effects).


auto qos voip trust


Hope it helps.

jomo frank Wed, 08/11/2010 - 10:00
User Badges:

Hello Colin,


Can please assist i getting and error when enabling

mls qos trust dscp on my switch.



All detail below for your guidance.


Switch info.

------------------------------------



Switch   Ports        Model                    SW Version               SW Image
------     -----              -----                         ----------                            ----------
*    1     50         WS-C2960-48TT-L      12.2(25)SEE3             C2960-LANBASE-M




When I attempt to enable trust dscp

------------------------------------------------------------------


Linden> en
Password:
Linden#config t
Enter configuration commands, one per line.  End with CNTL/Z.
Linden(config)#mls qos trust dscp
                       ^
% Invalid input detected at '^' marker.

Linden(config)#


Checking mls for all the options

------------------------------------------------------------

Linden(config)#mls ?
  qos  qos keyword

Linden(config)#mls qos ?
  aggregate-policer  Named aggregate policer
  map                qos map keyword
  queue-set          Choose a queue set for this queue
  rewrite            Rewrite Packet/Frame
  srr-queue          Configure SRR receive queues
 




When I  issue show mls

-------------------------------------------------------------------------------


Linden>sh mls qos
QoS is disabled
QoS ip packet dscp rewrite is enabled

Correct Answer
Jon Marshall Wed, 08/11/2010 - 10:06
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

1) You need to enable QOS globally on the switch ie.


2960(config)# mls qos


2) the "mls qos trust dscp" command is an interface command not a global config command so if you need to apply it at the interface level eg.


2960(config)# int gi0/1

2960(config-if)# mls qos trust dscp


Jon

Correct Answer
Collin Clark Wed, 08/11/2010 - 10:20
User Badges:
  • Purple, 4500 points or more

Yup, exactly what Jon posted.


Geez Jon the notification email and your response came in at the same time. You're now faster than email.

Jon Marshall Wed, 08/11/2010 - 14:24
User Badges:
  • Super Blue, 32500 points or more
  • Hall of Fame,

    Founding Member

  • Cisco Designated VIP,

    2017 LAN, WAN

Collin_Clark wrote:


Yup, exactly what Jon posted.


Geez Jon the notification email and your response came in at the same time. You're now faster than email.


Collin, got a lot of time on my hands at the moment due to a bike accident (mountain bike that is) so that probably explains it

Actions

This Discussion