Cisco Support Community
Community Member

qos with 1q4t on Cat6500

I have configured to trust-cos on 1q4t port type on Cat6500. Cisco has said the trust-cos ACL must be configured for 1q4t port type to work with trust-cos setting.

Quoted from CCO......

On 1q4t ports (except Gigabit Ethernet), the trust-cos port keyword displays an error message, activates receive queue drop thresholds, and as indicated by the error message does not apply the trust-cos trust state to traffic. You must configure a trust-cos ACL that matches the ingress traffic to apply the trust-cos trust state.

Below is my config on Cat6500

set qos acl mac test1 trust-cos any any

set port qos 4/3 trust trust-cos

set qos acl map test1 4/3

commit qos acl all

Then I do the sh port qos...........

(Attached is the result of sh port qos 4/3)

CatOS> (enable) sh port qos 4/3

QoS is enabled for the switch.

QoS policy source for the switch set to local.

Port Interface Type Interface Type Policy Source Policy Source

config runtime config runtime

----- -------------- -------------- ------------- -------------

4/3 port-based port-based COPS local

Port TxPort Type RxPort Type Trust Type Trust Type Def CoS Def CoS

config runtime config runtime

----- ------------ ------------ ------------ ------------- ------- -------

4/3 2q2t 1q4t trust-cos trust-cos* 0 0

Port Ext-Trust Ext-Cos

----- --------- -------

4/3 untrusted 0

(*)Runtime trust type set to untrusted.


Port ACL name Type

----- -------------------------------- ----

4/3 test1 MAC


Port ACL name Type

----- -------------------------------- ----

4/3 test1 MAC

It seems like the ACL test1 has been mapped to port 4/3 but the trust-cos setting is still being untrusted under the trust-type run-time (the field has a (*) attached).

Please advise if the port has changed to trust-cos setting.



Re: qos with 1q4t on Cat6500

Traffic which falls in ACL will have no change of cos .The Access list is only considered and goes according to it and hence the Port can be left as untrusted. If traffic doesn't match ACL on that port cos value will be set to default state(untrusted). This is an expected behavior.

I am not sure if you have seen this document that talks about the limitations. You might want to take a look at this also.

CreatePlease to create content