Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

QoS on 4506

Dear all,

I am designing QoS on Cisco 4506 switch using ACL. I have Sup II+10GE 10GE module.

The following error message I am getting:

Feb 26 16:05:16: %C4K_HWACLMAN-4-ACLHWPROGERRREASON: Input(194/Normal, null) PolicyMap: IPPHONE+PC - hardware TCAM policers exceeded.

Feb 26 16:05:26: %C4K_HWACLMAN-4-ACLHWPROGERR: Input PolicyMap: IPPHONE+PC - hardware TCAM limit, qos being disabled on relevant interface.

My config as follows:

class-map match-all DVLAN-PC-VIDEO

match access-group name DVLAN-PC-VIDEO

class-map match-all VVLAN-CALL-SIGNALING

match access-group name VVLAN-CALL-SIGNALING

class-map match-all VVLAN-VOICE

match access-group name VVLAN-VOICE

class-map match-all VVLAN-ANY

match access-group name VVLAN-ANY

!

!

policy-map DBL

class class-default

dbl

policy-map IPPHONE+PC

class VVLAN-VOICE

set dscp ef

police 128 kbps 8000 byte conform-action transmit exceed-action drop

class VVLAN-CALL-SIGNALING

set dscp cs3

police 32 kbps 8000 byte conform-action transmit exceed-action policed-dscp-transmit

class DVLAN-PC-VIDEO

set dscp af41

police 500 kbps 8000 byte conform-action transmit exceed-action policed-dscp-transmit

class VVLAN-ANY

set dscp default

police 32 kbps 8000 byte conform-action transmit exceed-action policed-dscp-transmit

class class-default

set dscp default

interface GigabitEthernet2/5

switchport access vlan dynamic

switchport mode access

switchport voice vlan 72

ip arp inspection limit rate 100

speed auto 10 100

qos trust device cisco-phone

tx-queue 1

bandwidth percent 5

tx-queue 2

bandwidth percent 25

tx-queue 3

bandwidth percent 30

priority high

shape percent 30

tx-queue 4

bandwidth percent 40

spanning-tree portfast

spanning-tree bpduguard enable

service-policy input IPPHONE+PC

service-policy output DBL

ip verify source vlan dhcp-snooping

ip access-list extended DVLAN-PC-VIDEO

permit udp any any range 16384 32767

ip access-list extended VVLAN-ANY

permit ip 172.17.192.0 0.0.1.255 any

ip access-list extended VVLAN-CALL-SIGNALING

permit tcp 172.17.192.0 0.0.1.255 any range 2000 2002

ip access-list extended VVLAN-VOICE

permit udp 172.17.192.0 0.0.1.255 any range 16384 32767

Hope you would help me.

Thanks,

1 REPLY
Bronze

Re: QoS on 4506

Workaround:

Disabling DHCP snooping and enabling it again.

338
Views
0
Helpful
1
Replies
CreatePlease login to create content