Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
4503
Views
8
Helpful
5
Replies

Apply QOS to vrf traffic?(Ethernet SubInts)

johnelliot
Level 1
Level 1

‎07-30-2006 03:59 PM

Hi,

I'm trying to apply "GOLD" QOS to vrf traffic that is terminated on eth subints, but class-map is not allowing me to match on subinterfaces:

class-map match-any GOLD

match mpls experimental topmost 5

match ip precedence 5

match input-interface fastEthernet 0/0 (Subints not allowed)

I also cannot match on access-group, as the traffic is within a vrf.

Should I be creating a seperate policy-map marking the traffic as GOLD, and then apply this as a "service-policy input" to each eth subint the vrf is associated with?

Labels:
0 Helpful
5 Replies 5

thomas.chen
Level 6
Level 6

‎08-04-2006 05:36 AM

Yes,after creating the class map ,specify this class under the policy map and indicate the action.Afterwards,you can apply this policy to interface.

mheusinger
Level 10
Level 10
In response to thomas.chen

‎08-04-2006 06:59 AM

Hi,

when you apply the service-policy to an interface you do NOT need to specify the interface in the class-map! Example:

class-map match-any VoIP

match ip precedence 5

match ip dscp ef

policy-map Marking

class VoIP

set mpls experimental imposition 5

interface FastEthernet0/0.100

ip address ...

encapsulation dot1q 100

service-policy input Marking

This will set MPLS exp bits on all traffic coming into F0/0.100 and being marked with either Prec 5 or DSCP EF.

Sidenote: using an ACL in class VoIP will also only match traffic on the interface, where the policy is applied. So overlapping customer addresses are not an issue.

Hope this helps! Please rate all posts.

Regards, Martin

johnelliot
Level 1
Level 1
In response to mheusinger

‎08-04-2006 01:35 PM

Thanks guys - I also assume we will need some form of admission control on every customer facing int(To ensure those not paying for "gold" class, can't classify there egress traffic as they see fit ;) )

eg.

Customers not buying any QoS, have a "set ip dscp 0" class-default

inbound policy-map.

0 Helpful

mheusinger
Level 10
Level 10
In response to johnelliot

‎08-05-2006 02:25 AM

Very true!

To my knowledge it is called precedence spoofing. This is f.e. why in all Cisco LAN switches all ports are defaulting to "untrusted" i.e. they rewrite cos/DSCP to 0.

You might also need a policer, which limits the customer, who bought "GOLD" to the speed purchased. Remark excess traffic to 0, but do not drop it, because then he might get the feeling that his "GOLD" traffic is treated worse (discards experienced) than best effort (possibly no discards if enough bandwidth).

Regards, Martin

0 Helpful

mazlan484106
Level 1
Level 1

‎08-29-2006 07:49 PM

Hi,

I cannot using hyper terminal to link between Router and my laptop,could someone help to this problem.

0 Helpful
Customers Also Viewed These Support Documents