Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. And see here for current known issues.

New Member

Problems with Policy Map

Hello,

i am struggeling with my policy maps. I created three class maps, and i want to assign matching traffic to three different output queues on my 2811 router running IOS 151-4.M6.

this are my class maps

class-map match-any REALTIME

match  dscp cs4

match  dscp ef

class-map match-all BEST-EFFORT

match any

class-map match-all CRITICAL-TRAFFIC

match ip dscp af21

this is the policy map

policy-map WAN-EDGE-TO-PROVIDER

class REALTIME

  priority 10240 2048

class CRITICAL-TRAFFIC

  bandwidth 20480

  random-detect dscp-based

class BEST-EFFORT

  bandwidth 17920

  random-detect dscp-based

then i applied it to the interface

interface FastEthernet0/0

ip address 172.16.137.6 255.255.255.248

ip ospf priority 0

duplex auto

speed auto

mpls ip

service-policy output WAN-EDGE-TO-PROVIDER

I sent packets with CS4 through the router, when i do show policy-map interface fa0/0 it shows only hits in the BEST-EFFORT class but not in the REALTIME class.

Any ideas what i did wrong?

here is the show output as well

show policy-map interface fa0/0

FastEthernet0/0

  Service-policy output: WAN-EDGE-TO-PROVIDER

    queue stats for all priority classes:

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 0/0

    Class-map: REALTIME (match-any)

      0 packets, 0 bytes

      5 minute offered rate 0 bps, drop rate 0 bps

      Match:  dscp cs4 (32)

       0 packets, 0 bytes

        5 minute rate 0 bps

      Match:  dscp ef (46)

        0 packets, 0 bytes

        5 minute rate 0 bps

      Priority: 10240 kbps, burst bytes 2048, b/w exceed drops: 0

    Class-map: CRITICAL-TRAFFIC (match-all)

      0 packets, 0 bytes

      5 minute offered rate 0 bps, drop rate 0 bps

      Match: ip dscp af21 (18)

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 0/0

      bandwidth 20480 kbps

        Exp-weight-constant: 9 (1/512)

        Mean queue depth: 0 packets

        dscp     Transmitted       Random drop      Tail drop          Minimum        Maximum     Mark

                  pkts/bytes     pkts/bytes       pkts/bytes          thresh         thresh     prob

    Class-map: BEST-EFFORT (match-all)

      10652 packets, 5851955 bytes

      5 minute offered rate 1976000 bps, drop rate 0 bps

      Match: any

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 10652/5851533

      bandwidth 17920 kbps

        Exp-weight-constant: 9 (1/512)

        Mean queue depth: 0 packets

        dscp     Transmitted       Random drop      Tail drop          Minimum        Maximum     Mark

                  pkts/bytes     pkts/bytes       pkts/bytes          thresh         thresh     prob

        default        7/495             0/0              0/0                 20            40  1/10

        cs4        10637/5850350         0/0              0/0                 28            40  1/10

        cs6            8/688             0/0              0/0                 32            40  1/10


thanks in advanced

Alex

10 REPLIES
New Member

Problems with Policy Map

does it start matching when removing BEST-EFFOR class from the WAN-EDGE-TO-PROVIDER policy-map?

im interested in a solution myself.

Super Bronze

Re: Problems with Policy Map

Disclaimer

The   Author of this posting offers the information contained within this   posting without consideration and with the reader's understanding that   there's no implied or expressed suitability or fitness for any purpose.   Information provided is for informational purposes only and should not   be construed as rendering professional advice of any kind. Usage of  this  posting's information is solely at reader's own risk.

Liability Disclaimer

In   no event shall Author be liable for any damages whatsoever (including,   without limitation, damages for loss of use, data or profit) arising  out  of the use or inability to use the posting's information even if  Author  has been advised of the possibility of such damage.

Posting

Don't know if it's the issue the issue, but in your REALTIME class you're using "match dscp" and in your CRITICAL-TRAFFIC class you're using "match ip dscp".  I believe there's a subtle difference between the two versions, but I don't recall what it is without some research.

Also BTW, you BEST-EFFORT class might be replaced by using the class-default class (avoids the need to defined an explicit class).

Silver

Problems with Policy Map

Joseph,

the difference between "match dscp" and "match ip dscp" is that with the keywork ip will match IPv4 packets and without ip, IPv4 and IPv6 packets. So, it should work. However, I would test with match ip dscp to see if there are matches in REALTIME class.

Best Regards,

Jose.

New Member

Re: Problems with Policy Map

Hello Jose,

I tried it with and without the ip keyword. Both times it didn't work. Even removing the Best Effort class helped.
I will Open a tac Case tomorrow and update this discussion as well

Regards
Alex

Sent from Cisco Technical Support iPad App

Re: Problems with Policy Map

Hello Alex

This policy map will only act upon matching dscp values. So do have these values being marked already?

Res
Paul

Sent from Cisco Technical Support iPad App

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Re: Problems with Policy Map

Hello Paul,

I am sending packets from a traffic generator. I sent packets marked with dscp cs4.

Regards

Alex

Sent from Cisco Technical Support iPad App

Re: Problems with Policy Map

Hello

So can you confirm this traffic generator is creating dscp value of 32 (cs4)

Res
Paul

Sent from Cisco Technical Support iPad App

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Re: Problems with Policy Map

Hi Paul,

yes i can confirm. I did couple other tests, i send IP SLAs from a switch behind the router. And it seems the router does not recognize any dscp values from afxx classes. here are my ip sla config

ip sla schedule 140 life 60 start-time now

ip sla 150

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 80

verify-data

vrf NCS

ip sla schedule 150 life 60 start-time now

ip sla 160

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 88

verify-data

vrf NCS

ip sla schedule 160 life 60 start-time now

ip sla 240

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 104

verify-data

vrf NCS

ip sla schedule 240 life 60 start-time now

ip sla 250

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 112

verify-data

vrf NCS

ip sla schedule 250 life 60 start-time now

ip sla 260

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 120

verify-data

vrf NCS

ip sla schedule 260 life 60 start-time now

ip sla 340

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 128

verify-data

vrf NCS

ip sla schedule 340 life 60 start-time now

ip sla 350

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 136

verify-data

vrf NCS

ip sla schedule 350 life 60 start-time now

ip sla 360

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 144

verify-data

vrf NCS

ip sla schedule 360 life 60 start-time now

ip sla 440

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 160

verify-data

vrf NCS

ip sla schedule 440 life 60 start-time now

ip sla 450

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 184

verify-data

vrf NCS

ip sla schedule 450 life 60 start-time now

ip sla 460

udp-jitter 172.22.2.242 17000 codec g711alaw codec-size 160

tos 192

verify-data

vrf NCS

and here my show policy-map output

Service-policy output: WAN-EDGE-TO-PROVIDER

    queue stats for all priority classes:

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 0/0

    Class-map: REALTIME (match-any)

      0 packets, 0 bytes

      5 minute offered rate 0000 bps, drop rate 0000 bps

      Match:  dscp cs4 (32)

        0 packets, 0 bytes

        5 minute rate 0 bps

      Match: ip dscp cs4 (32)

        0 packets, 0 bytes

        5 minute rate 0 bps

      Match:  dscp af21 (18)

        0 packets, 0 bytes

        5 minute rate 0 bps

      Priority: 10240 kbps, burst bytes 2048, b/w exceed drops: 0

    Class-map: class-default (match-any)

      12135 packets, 2531780 bytes

      5 minute offered rate 64000 bps, drop rate 0000 bps

      Match: any

      Queueing

      queue limit 64 packets

      (queue depth/total drops/no-buffer drops) 0/0/0

      (pkts output/bytes output) 12135/2531472

      bandwidth 17920 kbps

        Exp-weight-constant: 9 (1/512)

        Mean queue depth: 0 packets

        dscp       Transmitted         Random drop      Tail drop          Minimum        Maximum     Mark

                pkts/bytes            pkts/bytes       pkts/bytes          thresh         thresh     prob

        default      105/8859            0/0              0/0                 20            40  1/10

        cs2         3003/630306          0/0              0/0                 24            40  1/10

        cs3         3003/630306          0/0              0/0                 26            40  1/10

        cs4         3003/630306          0/0              0/0                 28            40  1/10

        cs5         2002/420204          0/0              0/0                 30            40  1/10

        cs6         1019/211491          0/0              0/0                 32            40  1/10

regards

alex

Re: Problems with Policy Map

Hello

I can see tos value 128 which is applicable to CS4(dscp32) - so then does this switch have mls qos enabled and if so is dscp trusted?

You can also use extended ping to create tos:

ping

Protocol [ip]:

Target IP address: x.x.x.x

Repeat count [5]: xx

Datagram size [100]:

Timeout in seconds [2]:

Extended commands [n]: y

Source address or interface:

Type of service [0]: 128

res

Paul

Please don't forget to rate any posts that have been helpful.

Thanks.

Please don't forget to rate any posts that have been helpful. Thanks.
New Member

Re: Problems with Policy Map

Hello Paul,

the switch doesn't have mls qos enabled. I just use it to send data through my router.

regards

Alex

478
Views
0
Helpful
10
Replies
CreatePlease login to create content