Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
1075
Views
0
Helpful
2
Replies

Cisco 3750 Switch QOS config

Go to solution
smartboy2255
Level 1
Level 1

‎11-08-2011 03:31 AM - edited ‎03-07-2019 03:16 AM

Dear all,

   Pls help me to configure qos in Cisco 3750 switch.I have configured below template and applied on the vlan interface.But i am getting the hit on the access list but I am not able to get hit on the class map.pls help to configure properly.

Regards,

Ajith

Labels:
116880-netpro.txt.zip
0 Helpful
1 Accepted Solution

Accepted Solutions

Go to solution
acampbell
VIP Alumni
VIP Alumni

‎11-08-2011 05:37 AM

Hi,

Show policy-map interface xyz stat

Is not support on 3750 lan switches, you can type it if you want but

your stats will not show.

Lets look at your policy

class-map match-any data
  match access-group 105

class-map match-all voice
  match ip dscp ef
!
access-list 105 permit udp any any
access-list 105 permit tcp any any
access-list 105 permit ip any any


policy-map qos
  class data
   set dscp cs3
  class voice
   set dscp ef

In the policy map the calss DATA will be picked up using ACL 105

Permit udp any -- this will match you voice traffic right away as voip is RTP under UDP

So this means your VIOP is going to get remarked to DSCP cs3

Therfore your class voice is never going to reach ite intended remarking.

I think you would be better trying to catch and mark/remark the traffic at ingress from the ports.

I am guessing that the data you are trying to match is voice signalling. I do not know if the voip system

is Cisco, avaya nortel mitel whatever.

Lets guess that it is Cisco

Some common ports used by Cisco are

Skiiny (SCCP) TCP port 2000

H323 TCP port 1720

MGCP UDP 2427 & TCP 2428

!

!

access-list 105 permit udp any any 2427

access-list 105 permit udp any 2427 any

access-list 105 permit tcp any any 2428

access-list 105 permit tcp any 2428 any

access-list 105 permit tcp any any 2000

access-list 105 permit tcp any 2000 any

access-list 105 permit tcp any any 1720

access-list 105 permit tcp any 1720 any

!

class-map match-any DATA

  match access-group 105

class-map match-all VOICE

  match ip dscp ef

!

policy-map QOS

  class DATA

set dscp cs3

  class VOICE

   set dscp ef

!

!

int fast 1/0/1

desc *** VOIP & PC Port ***

switchport host

switchport access vlan 10

switchport voice vlan 700

seivice-policy input QOS

srr-queue bandwidth share 10 10 60 20

priority-queue out

!

!

int fast 1/0/2

desc *** VOIP & PC Port ***

switchport host

switchport access vlan 10

switchport voice vlan 700

seivice-policy input QOS

srr-queue bandwidth share 10 10 60 20

priority-queue out

!

On say port 24 we have a WAN router with a trunk

!

int fast 1/0/24

!

interface FastEthernet0/48

description Connected to grangemouth_sw_02

switchport trunk encapsulation dot1q

switchport trunk allowed vlan remove 1-1001

switchport trunk allowed vlan add 2,700,999

switchport mode trunk

srr-queue bandwidth share 10 10 60 20

priority-queue out

mls qos trust dscp

speed 100

duplex full

!

!
interface FastEthernet0/48
description *** PORT TO ROUTER ***
switchport trunk encapsulation dot1q
  switchport trunk allowed vlan add 2,700,999
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
priority-queue out
mls qos trust dscp
speed 100
duplex full

!

On the router port 24 we can check if packets are being marked to the

required DSCPs

sh mls qos int fas 1/0/24 stat

HTH

Alex

Regards, Alex. Please rate useful posts.

View solution in original post

0 Helpful
2 Replies 2

Go to solution
acampbell
VIP Alumni
VIP Alumni

‎11-08-2011 05:37 AM

Hi,

Show policy-map interface xyz stat

Is not support on 3750 lan switches, you can type it if you want but

your stats will not show.

Lets look at your policy

class-map match-any data
  match access-group 105

class-map match-all voice
  match ip dscp ef
!
access-list 105 permit udp any any
access-list 105 permit tcp any any
access-list 105 permit ip any any


policy-map qos
  class data
   set dscp cs3
  class voice
   set dscp ef

In the policy map the calss DATA will be picked up using ACL 105

Permit udp any -- this will match you voice traffic right away as voip is RTP under UDP

So this means your VIOP is going to get remarked to DSCP cs3

Therfore your class voice is never going to reach ite intended remarking.

I think you would be better trying to catch and mark/remark the traffic at ingress from the ports.

I am guessing that the data you are trying to match is voice signalling. I do not know if the voip system

is Cisco, avaya nortel mitel whatever.

Lets guess that it is Cisco

Some common ports used by Cisco are

Skiiny (SCCP) TCP port 2000

H323 TCP port 1720

MGCP UDP 2427 & TCP 2428

!

!

access-list 105 permit udp any any 2427

access-list 105 permit udp any 2427 any

access-list 105 permit tcp any any 2428

access-list 105 permit tcp any 2428 any

access-list 105 permit tcp any any 2000

access-list 105 permit tcp any 2000 any

access-list 105 permit tcp any any 1720

access-list 105 permit tcp any 1720 any

!

class-map match-any DATA

  match access-group 105

class-map match-all VOICE

  match ip dscp ef

!

policy-map QOS

  class DATA

set dscp cs3

  class VOICE

   set dscp ef

!

!

int fast 1/0/1

desc *** VOIP & PC Port ***

switchport host

switchport access vlan 10

switchport voice vlan 700

seivice-policy input QOS

srr-queue bandwidth share 10 10 60 20

priority-queue out

!

!

int fast 1/0/2

desc *** VOIP & PC Port ***

switchport host

switchport access vlan 10

switchport voice vlan 700

seivice-policy input QOS

srr-queue bandwidth share 10 10 60 20

priority-queue out

!

On say port 24 we have a WAN router with a trunk

!

int fast 1/0/24

!

interface FastEthernet0/48

description Connected to grangemouth_sw_02

switchport trunk encapsulation dot1q

switchport trunk allowed vlan remove 1-1001

switchport trunk allowed vlan add 2,700,999

switchport mode trunk

srr-queue bandwidth share 10 10 60 20

priority-queue out

mls qos trust dscp

speed 100

duplex full

!

!
interface FastEthernet0/48
description *** PORT TO ROUTER ***
switchport trunk encapsulation dot1q
  switchport trunk allowed vlan add 2,700,999
switchport mode trunk
srr-queue bandwidth share 10 10 60 20
priority-queue out
mls qos trust dscp
speed 100
duplex full

!

On the router port 24 we can check if packets are being marked to the

required DSCPs

sh mls qos int fas 1/0/24 stat

HTH

Alex

Regards, Alex. Please rate useful posts.
0 Helpful

Go to solution
smartboy2255
Level 1
Level 1
In response to acampbell

‎11-09-2011 05:55 PM

HI Alex,

    What will be the impact while applying below commands.

srr-queue bandwidth share 10 10 60 20

priority-queue out

!

Also how to verify our outside traffic is marked with ef and cs3 value?I think it wont show in

sh mls qos int fas 1/0/24 stat commad.

Regards,

Ajith

0 Helpful
Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Customers Also Viewed These Support Documents
Review Cisco Networking products for a $25 gift card