I have a simple question but got confused due to different information in various docs regarding the qos mode of operation..
If I want to match in a policy map in a class on a certain dscp value, but on another class I want to match based on an ACL, do I need to configure the qos trust dscp or mls qos trust dscp on the interface, or is it depending on the hardware?
Classification using a port trust state (for example, mls qos trust [
] and a policy map (for example,
policy-map-name) are mutually exclusive. The last one configured overwrites the previous configuration.Classification using a port trust state (for example, mls qos trust [cos | dscp | ip-precedence] and a policy map (for example, service-policy inputpolicy-map-name) are mutually exclusive. The last one configured overwrites the previous configuration.
So in your case your policy map on the interface g1/1 is overwritten by your mls qos trust dscp command.
Basically use one or the other not both as only the last one will be used.
I agree with you. QoS concept is not hard, but implementing QoS across different platform can be frustrating. The BUs aware that issue as well, and they are trying to make it easy with tool like C3PL (cisco policy language), MediaNet.
With your requirement, maybe you can try the follwing config. So, you only classify packets that do not have DSCP value, and trust the DSCP for default.
command within the same policy map. If you enter the
command, go to Step 6.
So on the low end boxes I do the following policy without the trust statement on the interface, I do a match - set operation if I want to trust an incoming marking, the traffic which I want to classify gets matche by an ACL and the whole big rest goes into class-default where it gets dscp default.
On other boxes like Cat4k, Cat6k I have to figure out the QoS mode of operation case by case, if trust statement on interface is needed or not in order to reach the same result as shown in the example policy above.
As you have mentionend, very frustrating to figure out the implementation on a per box base...
I think your solution should work on all mentioned platform. The different behavior comes in play when you have both port trust and policy-map on interface, but if you only have policy-map on the port, it should behave all same.
Question We run asr9001 with XR 6.1.3, and we have a very long delay to
login w/ SSH 1 or 2 to the device compare to IOS device. After
investigation, the there is 1s delay between the client KEXDH_INIT and
the server (XR) KEXDH_REPLY. After debug ssh serv...
Introduction The purpose of this document is to demonstrate the Open
Shortest Path First (OSPF) behavior when the V-bit (Virtual-link bit) is
present in a non-backbone area. The V-bit is signaled in Type-1 LSA only
if the router is the endpoint of one or ...
Hi, I am seeing quite a few issues with patch install and wanted to
share my experience and workaround to this. Login to admin via CLI, then
access root with the “shell” command Issue “df –h” and you’ll probably
see the following directory full or nearly ...