Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

QoS on native VLAN in 802.1q tunnel

Hello,

I have a problem with policing ingress traffic using MQC on a port configured as 802.1q tunnel. Policing seems to work only for tagged VLANs sent via the tunnel (VLAN 10 is tagged VLAN sent via the tunnel):

R3600_LAB#ping 172.31.10.1 repeat 100

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!.

!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!.!

!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!.!!!!!!!!!!!!!!!!.!!

An not for traffic sent over the native vlan (99):

R3600_LAB#ping 172.31.99.1 repeat 200

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Native VLAN does not have the COS field since there is no tag attached, nevertheless class-map should match all the traffic due to MAC permit any any. Below I encose configuration of both ends of assymetric link:

Interface on the 3560 switch connected to tunneling port:

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 99

switchport trunk allowed vlan 10,99,141,191

switchport mode trunk

!

Configuration on tunneling 3750G-42TS switch:

mls qos

!

mac access-list extended ANY

permit any any

!

class-map match-any ANY

match access-group name ANY

!

policy-map POLICE

class ANY

  police 8000 8000 exceed-action drop

!

interface GigabitEthernet1/0/1

switchport access vlan 10

switchport mode dot1q-tunnel

switchport nonegotiate

switchport port-security maximum 200

l2protocol-tunnel cdp

l2protocol-tunnel stp

l2protocol-tunnel vtp

no cdp enable

spanning-tree portfast

service-policy input POLICE

!

Thanks for any help,

Best Regards,

Krzysztof Grabowski

469
Views
0
Helpful
0
Replies
CreatePlease login to create content