How I can use Per-Port Per-VLAN basis classifying with 802.1Q Tunneling? Seems, that it not works on VLAN tunnels but works fine on common VLANs. My config looks like:

-------------------------------------------------------

vlan dot1q tag native

!

mls qos

!

class-map match-any ipclass

match ip dscp 0

class-map match-all vlan30

match vlan 30

match class-map ipclass

class-map match-all vlan5

match vlan 5

match class-map ipclass

!

policy-map vlan1M

class vlan30

police 2000000 128000 exceed-action drop

class vlan5

police 512000 32000 exceed-action drop

!

spanning-tree mode mst

spanning-tree extend system-id

system mtu 1516

!

interface FastEthernet0/13

switchport access vlan 5

switchport mode access

no ip address

spanning-tree portfast

spanning-tree bpdufilter enable

!

interface FastEthernet0/24

switchport access vlan 30

switchport mode dot1q-tunnel

no ip address

l2protocol-tunnel vtp

no cdp enable

spanning-tree bpdufilter enable

!

interface GigabitEthernet0/1

switchport trunk encapsulation dot1q

switchport trunk native vlan 99

switchport mode trunk

no ip address

mls qos monitor dscp 0

service-policy input vlan1M

!

interface GigabitEthernet0/2

switchport trunk encapsulation dot1q

switchport trunk native vlan 99

switchport mode trunk

no ip address

mls qos monitor dscp 0

service-policy input vlan1M

!

interface Vlan1

no ip address

shutdown

!

interface Vlan99

description Management VLAN

ip address 192.168.99.24 255.255.255.0

------------------------------------------

Policing is OK for VLAN5 but not for VLAN30. Any ideas how to resolve the problem?

regards,

Mait Kink