Buy or Renew
Buy or Renew
Cisco + Splunk: It’s a new day for your data. Learn more.
 
cancel
Turn on suggestions
Auto-suggest helps you quickly narrow down your search results by suggesting possible matches as you type.
Showing results for 
Search instead for 
Did you mean: 
cancel
Start a conversation
334
Views
0
Helpful
4
Replies

Service Policy input not working 2970G

wjackson
Level 1
Level 1

‎03-24-2006 01:14 AM - edited ‎03-03-2019 02:27 AM

I have a 2970G with ver :

C2970-LANBASEK9-M), Version 12.2(25)SEE

I am trying to make a QoS marking policy.

example:

class-map match-any Critical-Traffic

match access-group name Critical-Traffic

!

!

policy-map Client-Traffic-QoS

class Critical-Traffic

set dscp af31

class class-default

set dscp default

police 30000000 200000 exceed-action policed-dscp-transmit

!

ip access-list extended Critical-Traffic

permit tcp any any eq telnet

permit tcp any any eq tacacs

permit tcp any any eq 22

permit icmp any any

permit udp any any eq snmp

permit udp any any eq snmptrap

permit udp any any eq tftp

interface GigabitEthernet0/19

service-policy input Client-Traffic-QoS

srr-queue bandwidth share 20 25 45 10

priority-queue out

no cdp enable

spanning-tree portfast

I placed a sniffer machine to sniff the inbound traffic on the port.

when I run traffic in through the port the policy map sees no matches thus doesnt mark the traffic.

I have tried traffic that would be marked AF31.

any ideas?

Labels:
0 Helpful
4 Replies 4

pkhatri
Level 11
Level 11

‎03-24-2006 01:24 AM

Just as a check to see whether your class-map is the issue, could you configure 'set dscp af31' under class-default to see if the service-policy is acting on your traffic at all....

Paresh

0 Helpful

wjackson
Level 1
Level 1
In response to pkhatri

‎03-24-2006 07:49 AM

I have tried setting the

class-default

set dscp af31

and also changing the access-list

and no luck:

s2970G-Intranet-EP#sh policy-map interface gigabitEthernet 0/19

GigabitEthernet0/19

Service-policy input: Client-Traffic-QoS

Class-map: Priority-Traffic (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps, drop rate 0 bps

Match: access-group name Priority-Traffic

0 packets, 0 bytes

30 second rate 0 bps

Class-map: Critical-Traffic (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps, drop rate 0 bps

Match: access-group name Critical-Traffic

0 packets, 0 bytes

30 second rate 0 bps

Class-map: class-default (match-any)

0 packets, 0 bytes

30 second offered rate 0 bps, drop rate 0 bps

Match: any

0 packets, 0 bytes

30 second rate 0 bps

Seems there are no matches on the access-lists or the policy.

0 Helpful

mheusinger
Level 10
Level 10

‎03-24-2006 07:15 AM

Hello,

does your access-list get any matches? Maybe it is a source/destination issue.

can you try

ip access-list extended Critical-Traffic

permit tcp any any eq telnet

permit tcp any eq telnet any

and check with a telnet THROUGH the switch (not from or to the switch!) if it works then?

Hope this helps! Please rate all posts.

Regards, Martin

0 Helpful

wjackson
Level 1
Level 1
In response to mheusinger

‎03-24-2006 07:50 AM

I have tried this as you can see in the comment above.

I telneted through the switch and no traffic matche sthe access-list or the policy-map....

0 Helpful
Customers Also Viewed These Support Documents