cancel
Showing results for 
Search instead for 
Did you mean: 
cancel
685
Views
0
Helpful
4
Replies

Cisco 3560G is not marking the packets

slizarraga
Level 1
Level 1

I have configured QoS, for marking some packets as CS2 in a Cisco 3560G with a 12.2(55)SE. But I check in a router that is the next-hop and dont see the packets marked.

! This is the internal interface:

interface Vlan1888

description usuarios-gbs-claro

ip address 10.125.1.74 255.255.255.128 secondary

ip address 10.125.1.1 255.255.255.128

no ip redirects

load-interval 30

service-policy input qos-claro

end

! This is the external interface:

interface Vlan688

description acceso-claro-gb

ip address 10.125.2.1 255.255.255.0

no ip redirects

no ip unreachables

no ip proxy-arp

no ip route-cache cef

no ip mroute-cache

load-interval 30

end

! This is the policy map of the internal interface:

Policy Map qos-claro

    Class class-qos-claro-gbs

      set dscp cs2

    Class class-default

      set dscp cs2

plm-yob-as#show clas

plm-yob-as#show class-map class-qos-claro-gbs

Class Map match-all class-qos-claro-gbs (id 1)

   Match access-group name qos-claro-gbs

plm-yob-as#show acce

plm-yob-as#show access-l

plm-yob-as#show access-lists qos-claro-gbs

Extended IP access list qos-claro-gbs

    10 permit ip 10.125.1.0 0.0.0.127 172.19.63.0 0.0.0.255

    20 permit ip 10.125.1.0 0.0.0.127 172.19.44.0 0.0.0.255

    30 permit ip 10.125.1.0 0.0.0.127 172.19.34.0 0.0.0.255

    40 permit ip 10.125.1.0 0.0.0.127 172.19.33.0 0.0.0.255

    50 permit ip 10.125.1.0 0.0.0.127 172.19.32.0 0.0.0.255

    60 permit ip 10.125.1.0 0.0.0.127 172.19.93.0 0.0.0.255

    70 permit ip 10.125.1.0 0.0.0.127 172.19.74.0 0.0.0.255

    80 permit ip 10.125.1.0 0.0.0.127 172.19.73.0 0.0.0.255

    90 permit ip 10.125.1.0 0.0.0.127 172.19.72.0 0.0.0.255

    100 permit ip 10.125.1.0 0.0.0.127 172.19.71.0 0.0.0.255

    110 permit ip 10.125.1.0 0.0.0.127 192.168.5.0 0.0.0.255

    120 permit ip 10.125.1.0 0.0.0.127 host 10.244.2.196

    130 permit ip 10.125.1.0 0.0.0.127 192.168.1.0 0.0.0.255

plm-yob-as#

And this is the output of the next hop:

rMPLS_IBM_LaMolina#sh int description | i 1852877

Gi4/0.100688                   up             up       CID 1852877 Ibm Del Peru S.A.C. Sede (AMOV - Principal)

rMPLS_IBM_LaMolina#sh ip cache verbose flow | i Gi4/0.100688

Gi4/0.100688   10.125.1.60     Gi0/1          172.19.73.79    06 00  18      75

Gi4/0.100688   10.125.1.60     Gi0/1          172.19.73.79    06 00  1A      46

Gi4/0.100688   10.125.1.60     Gi0/1          172.19.73.79    06 00  1A      25

Gi4/0.100688   10.125.1.60     Gi0/1          172.19.73.79    06 00  1A      40

Gi4/0.100688   10.125.1.60     Gi0/1          172.19.73.79    06 00  1A      20

Gi4/0.100688   10.125.1.60     Gi0/1          172.19.73.79    06 00  1A      11

Gi4/0.100688   10.125.1.31     Gi0/1          172.19.72.144   06 00  18     168

As you see, it apears as 00 (not marked).

QoS is enabled in the switch:

plm-yob-as#show mls qos

QoS is enabled

QoS ip packet dscp rewrite is enabled

And I am using

mls qos trust dscp

command.

What do you suggest me to check? I was thinking of upgrading the IOS.Thanks!

1 Accepted Solution

Accepted Solutions

Lei Tian
Cisco Employee
Cisco Employee

Hi,

Do you have mls qos vlan-based on the physical port?

HTH,

Lei Tian

View solution in original post

4 Replies 4

Lei Tian
Cisco Employee
Cisco Employee

Hi,

Do you have mls qos vlan-based on the physical port?

HTH,

Lei Tian

Thanks Lei Tian!

That was it...

sganpat
Level 1
Level 1

Did you check whether the ISP is remarking the traffic? I doubt this, but still check. You can try capturing from the outside interface of the switch to make sure you are getting the correct DSCP headers.

What does the output of the "show policy-map interface vlan 1888" say?

Sachin

paolo bevilacqua
Hall of Fame
Hall of Fame

Wrong forum, post in "LAN and switching". You can move your posting with the Actions panel on the right.

Getting Started

Find answers to your questions by entering keywords or phrases in the Search bar above. New here? Use these resources to familiarize yourself with the community:

Innovations in Cisco Full Stack Observability - A new webinar from Cisco