Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Service Policy input not working 2970G

I have a 2970G with ver :

C2970-LANBASEK9-M), Version 12.2(25)SEE

I am trying to make a QoS marking policy.

example:

class-map match-any Critical-Traffic

match access-group name Critical-Traffic

!

!

policy-map Client-Traffic-QoS

class Critical-Traffic

set dscp af31

class class-default

set dscp default

police 30000000 200000 exceed-action policed-dscp-transmit

!

ip access-list extended Critical-Traffic

permit tcp any any eq telnet

permit tcp any any eq tacacs

permit tcp any any eq 22

permit icmp any any

permit udp any any eq snmp

permit udp any any eq snmptrap

permit udp any any eq tftp

interface GigabitEthernet0/19

service-policy input Client-Traffic-QoS

srr-queue bandwidth share 20 25 45 10

priority-queue out

no cdp enable

spanning-tree portfast

I placed a sniffer machine to sniff the inbound traffic on the port.

when I run traffic in through the port the policy map sees no matches thus doesnt mark the traffic.

I have tried traffic that would be marked AF31.

any ideas?

4 REPLIES
Purple

Re: Service Policy input not working 2970G

Just as a check to see whether your class-map is the issue, could you configure 'set dscp af31' under class-default to see if the service-policy is acting on your traffic at all....

Paresh

New Member

Re: Service Policy input not working 2970G

I have tried setting the

class-default

set dscp af31

and also changing the access-list

and no luck:

s2970G-Intranet-EP#sh policy-map interface gigabitEthernet 0/19

GigabitEthernet0/19

Service-policy input: Client-Traffic-QoS

Class-map: Priority-Traffic (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps, drop rate 0 bps

Match: access-group name Priority-Traffic

0 packets, 0 bytes

30 second rate 0 bps

Class-map: Critical-Traffic (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps, drop rate 0 bps

Match: access-group name Critical-Traffic

0 packets, 0 bytes

30 second rate 0 bps

Class-map: class-default (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps, drop rate 0 bps

Match: any

0 packets, 0 bytes

30 second rate 0 bps

Seems there are no matches on the access-lists or the policy.

Re: Service Policy input not working 2970G

Hello,

does your access-list get any matches? Maybe it is a source/destination issue.

can you try

ip access-list extended Critical-Traffic

permit tcp any any eq telnet

permit tcp any eq telnet any

and check with a telnet THROUGH the switch (not from or to the switch!) if it works then?

Hope this helps! Please rate all posts.

Regards, Martin

New Member

Re: Service Policy input not working 2970G

I have tried this as you can see in the comment above.

I telneted through the switch and no traffic matche sthe access-list or the policy-map....

141
Views
0
Helpful
4
Replies
CreatePlease to create content