Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

CBWFQ - no match at class-map

Hello,

I have to test a congestion management for a customer.

Involved Hardware: 876 Series Router

IOS: advanced Security

I configured the following class-based-weighted-fair-queueing:

  ip access-list extended QOS
        permit tcp any host 172.16.17.21 eq 10002
        permit tcp any host 172.16.17.24 eq 10002
        permit tcp any host 195.145.98.212 eq 443
        permit tcp any host 195.145.98.220 eq 443
        permit tcp 10.0.0.0 0.255.255.255 160.83.1.240 0.0.0.7 eq 53301
        permit icmp 10.0.0.0 0.255.255.255 160.83.1.240 0.0.0.7
        permit tcp any 172.19.201.160 0.0.0.15 eq 1494
        permit tcp any 172.19.201.160 0.0.0.15 eq 1604

    class-map match-all DATA
        match access-group name QOS
    class-map match-all VOICE
        match precedence 3 5

    policy-map PRIO_QUEUEING
        class VOICE
            bandwidth percent 20
        class DATA
            bandwidth percent 50
        class class-default
            fair-queue

    interface dialer1
        service-policy output PRIO_QUEUEING

-----------------------------------------------------------------------------------------------------------

I got the following Output:

sh policy-map interface output
Dialer1

  Service-policy output: PRIO_QUEUEING

    Class-map: VOICE (match-all)
      187112 packets, 27113032 bytes
      5 minute offered rate 13000 bps, drop rate 0 bps
      Match:  precedence 3  5
      Queueing
        Output Queue: Conversation 25
        Bandwidth 23 (%)
        Bandwidth 12 (kbps)Max Threshold 64 (packets)
        (pkts matched/bytes matched) 0/0
        (depth/total drops/no-buffer drops) 0/0/0

    Class-map: DATA (match-all)
      0 packets, 0 bytes
      5 minute offered rate 0 bps, drop rate 0 bps
      Match: access-group name QOS
      Queueing
        Output Queue: Conversation 26
        Bandwidth 50 (%)
        Bandwidth 28 (kbps)Max Threshold 64 (packets)
        (pkts matched/bytes matched) 0/0
        (depth/total drops/no-buffer drops) 0/0/0

    Class-map: class-default (match-any)
      1395439 packets, 362149552 bytes
      5 minute offered rate 216000 bps, drop rate 0 bps
      Match: any
      Queueing
        Flow Based Fair Queueing
        Maximum Number of Hashed Queues 16
        (total queued/total drops/no-buffer drops) 0/0/0

My question is why there are no matches at the class-map DATA. I took a look to the traffic with Netflow Tracker by Fluke and saw that the applications generated traffic.

Could anybody help me?

Kind regards

Holger

  • LAN Switching and Routing
Everyone's tags (5)
1 ACCEPTED SOLUTION

Accepted Solutions
New Member

Re: CBWFQ - no match at class-map

Hi,

We need to use " ip qos Pre-classify" under tunnel interface or virtual-template inorder to use QOS for a tunnel.

or

Check the ACL "QOS" whether there is a match, since precedence value is not 3 or 5 it will not match Voice

I beleive your traffic is not matching ACL so it is coming under default class.

HTH,

Hari.Sivaji

17 REPLIES
Cisco Employee

Re: CBWFQ - no match at class-map

Hi Holger,

Check if those traffic are marked as IPP 3 or 5; if yes, they will be put into VOICE class.

HTH,

Lei Tian

Hall of Fame Super Silver

Re: CBWFQ - no match at class-map

Hello Holger,

as Lei has noted the order of referencing of the class-maps in the policy map is important like in an ACL.

Because the voip class map has a generic definition based only on IP precedence values other types of traffic can be classified on it.

Hope to help

Giuseppe

New Member

Re: CBWFQ - no match at class-map

Hello Lei, hello Guiseppe,

thanks for your fast answers. I will check if my traffic is marked with IP precedence 3 and 5. I will check in 2 weeks, because I will go on holiday.

Thanks again and happy easter.

Holger

Cisco Employee

Re: CBWFQ - no match at class-map

Enjoy your holiday.

New Member

Re: CBWFQ - no match at class-map

Hi all,

I have checked the traffic with Netflow Tracker by Fluke. My data packets for the class DATA is not marked with ip precedence 3 and / or 5 . I forgot to tell that there is a vpn tunnel configured at this router. Is it possible that my traffic could not be classified, because it is always IPsec?

Kind regards

Holger

New Member

Re: CBWFQ - no match at class-map

Hi,

We need to use " ip qos Pre-classify" under tunnel interface or virtual-template inorder to use QOS for a tunnel.

or

Check the ACL "QOS" whether there is a match, since precedence value is not 3 or 5 it will not match Voice

I beleive your traffic is not matching ACL so it is coming under default class.

HTH,

Hari.Sivaji

New Member

Re: CBWFQ - no match at class-map

I believe that the traffic is not matching the ACL, too. But I don't know why. Traffic with the needed subjects were generated at the network (right source/destination IP, right protocol-ports). The data packets are very small (1 Byte to 34 kByte).

Kind regards

Holger

Hall of Fame Super Silver

Re: CBWFQ - no match at class-map

Hello Holger,

>> I forgot to tell that there is a vpn tunnel configured at this  router. Is it possible that my traffic could not be classified, because  it is always IPsec?

yes indeed you need to mark the traffic inbound when received in clear text on lan interface

You need to set an IP precedence value per traffic class

Then you need to match on ip precedence values on outgoing interface.

IP precedence value is replicated on external headers

Another important advice: it can be a question of IOS image I had a similar scenario where everything was configured correctly.

After having loaded a 12.4T image it worked

sh ver | inc image
System image file is "flash:c870-advsecurityk9-mz.124-15.T7.bin"

with this image it worked on a 877-M

sh policy-map int vlan1
Vlan1

  Service-policy input: mk_voice

    Class-map: cm_voice (match-all)
      1084138 packets, 96294168 bytes
      30 second offered rate 0 bps, drop rate 0 bps
      Match: access-group name voice
      QoS Set
        precedence 5
          Packets marked 1084138

    Class-map: class-default (match-any)
      1018366 packets, 184415531 bytes
      30 second offered rate 0 bps, drop rate 0 bps
      Match: any
      QoS Set
        precedence 0
          Packets marked 1018366

sh policy-map int atm0

ATM0

  Service-policy output: llq_voice

    Class-map: llq_voice (match-all)
      1084143 packets, 176923220 bytes
      30 second offered rate 0 bps, drop rate 0 bps
      Match: ip precedence 5
      Queueing
        Strict Priority
        Output Queue: Conversation 264
        Bandwidth 350 (kbps) Burst 8750 (Bytes)
        (pkts matched/bytes matched) 0/0
        (total drops/bytes drops) 0/0

    Class-map: class-default (match-any)
      1098256 packets, 270148800 bytes
      30 second offered rate 2000 bps, drop rate 0 bps
      Match: any

notice the corrispondence between marked traffic on policy map applied inbound and that on atm interface

Hope to help

Giuseppe

New Member

Re: CBWFQ - no match at class-map

Hi all,

after the upgrade to version c870-advsecurityk9-mz.124-15.T7.bin I am testing the router again. But I have no matches at my class-map data. There are no matches at the access-list "QOS" (you could see at my first posting), too. I disabled my crypto map, so that there is no VPN tunnel anymore. No change at the results had happened.

Is it possible that no match happen because my data packets are small (335 Byte)? But in this case there had to be matches at my ACL, even though.

Kind regards

Holger

3132
Views
0
Helpful
17
Replies
This widget could not be displayed.