Problems with Policy Map

alex.dersch · ‎07-31-2013

Hello,

i am struggeling with my policy maps. I created three class maps, and i want to assign matching traffic to three different output queues on my 2811 router running IOS 151-4.M6.

this are my class maps

class-map match-any REALTIME

match dscp cs4

match dscp ef

class-map match-all BEST-EFFORT

match any

class-map match-all CRITICAL-TRAFFIC

match ip dscp af21

this is the policy map

policy-map WAN-EDGE-TO-PROVIDER

class REALTIME

priority 10240 2048

class CRITICAL-TRAFFIC

bandwidth 20480

random-detect dscp-based

class BEST-EFFORT

bandwidth 17920

random-detect dscp-based

then i applied it to the interface

interface FastEthernet0/0

ip address 172.16.137.6 255.255.255.248

ip ospf priority 0

duplex auto

speed auto

mpls ip

service-policy output WAN-EDGE-TO-PROVIDER

I sent packets with CS4 through the router, when i do show policy-map interface fa0/0 it shows only hits in the BEST-EFFORT class but not in the REALTIME class.

Any ideas what i did wrong?

here is the show output as well

show policy-map interface fa0/0

FastEthernet0/0

Service-policy output: WAN-EDGE-TO-PROVIDER

queue stats for all priority classes:

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

Class-map: REALTIME (match-any)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: dscp cs4 (32)

0 packets, 0 bytes

5 minute rate 0 bps

Match: dscp ef (46)

0 packets, 0 bytes

5 minute rate 0 bps

Priority: 10240 kbps, burst bytes 2048, b/w exceed drops: 0

Class-map: CRITICAL-TRAFFIC (match-all)

0 packets, 0 bytes

5 minute offered rate 0 bps, drop rate 0 bps

Match: ip dscp af21 (18)

Queueing

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 0/0

bandwidth 20480 kbps

Exp-weight-constant: 9 (1/512)

Mean queue depth: 0 packets

dscp Transmitted Random drop Tail drop Minimum Maximum Mark

pkts/bytes pkts/bytes pkts/bytes thresh thresh prob

Class-map: BEST-EFFORT (match-all)

10652 packets, 5851955 bytes

5 minute offered rate 1976000 bps, drop rate 0 bps

Match: any

Queueing

queue limit 64 packets

(queue depth/total drops/no-buffer drops) 0/0/0

(pkts output/bytes output) 10652/5851533

bandwidth 17920 kbps

Exp-weight-constant: 9 (1/512)

Mean queue depth: 0 packets

dscp Transmitted Random drop Tail drop Minimum Maximum Mark

pkts/bytes pkts/bytes pkts/bytes thresh thresh prob

default 7/495 0/0 0/0 20 40 1/10

cs4 10637/5850350 0/0 0/0 28 40 1/10

cs6 8/688 0/0 0/0 32 40 1/10

thanks in advanced

Alex

heiki saaver · ‎08-01-2013

does it start matching when removing BEST-EFFOR class from the WAN-EDGE-TO-PROVIDER policy-map?

im interested in a solution myself.

Joseph W. Doherty · ‎08-01-2013

Disclaimer

The Author of this posting offers the information contained within this posting without consideration and with the reader's understanding that there's no implied or expressed suitability or fitness for any purpose. Information provided is for informational purposes only and should not be construed as rendering professional advice of any kind. Usage of this posting's information is solely at reader's own risk.

Liability Disclaimer

In no event shall Author be liable for any damages whatsoever (including, without limitation, damages for loss of use, data or profit) arising out of the use or inability to use the posting's information even if Author has been advised of the possibility of such damage.

Posting

Don't know if it's the issue the issue, but in your REALTIME class you're using "match dscp" and in your CRITICAL-TRAFFIC class you're using "match ip dscp". I believe there's a subtle difference between the two versions, but I don't recall what it is without some research.

Also BTW, you BEST-EFFORT class might be replaced by using the class-default class (avoids the need to defined an explicit class).

Jose Jara · ‎08-02-2013

Joseph,

the difference between "match dscp" and "match ip dscp" is that with the keywork ip will match IPv4 packets and without ip, IPv4 and IPv6 packets. So, it should work. However, I would test with match ip dscp to see if there are matches in REALTIME class.

Best Regards,

Jose.

alex.dersch · ‎08-04-2013

Hello Jose,

I tried it with and without the ip keyword. Both times it didn't work. Even removing the Best Effort class helped.
I will Open a tac Case tomorrow and update this discussion as well

Regards
Alex

Sent from Cisco Technical Support iPad App

paul driver · ‎08-04-2013

Hello Alex

This policy map will only act upon matching dscp values. So do have these values being marked already?

Res
Paul

Sent from Cisco Technical Support iPad App

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

alex.dersch · ‎08-04-2013

Hello Paul,

I am sending packets from a traffic generator. I sent packets marked with dscp cs4.

Regards

Alex

Sent from Cisco Technical Support iPad App

paul driver · ‎08-04-2013

Hello

So can you confirm this traffic generator is creating dscp value of 32 (cs4)

Res
Paul

Sent from Cisco Technical Support iPad App

Please rate and mark as an accepted solution if you have found any of the information provided useful.
This then could assist others on these forums to find a valuable answer and broadens the community’s global network.

Kind Regards
Paul

alex.dersch · ‎08-05-2013

Hi Paul,

yes i can confirm. I did couple other tests, i send IP SLAs from a switch behind the router. And it seems the router does not recognize any dscp values from afxx classes. here are my ip sla config

ip sla schedule 140 life 60 start-time now

ip sla 150