Cisco Support Community
cancel
Showing results for 
Search instead for 
Did you mean: 
Announcements

Welcome to Cisco Support Community. We would love to have your feedback.

For an introduction to the new site, click here. If you'd prefer to explore, try our test area to get started. And see here for current known issues.

New Member

Strange issue with Outgoing access-list and QoS

Hi all

I have the following issue, which I guess may be due to my IOS version.

IOS (tm) 3700 Software (C3745-IK9S-M), Version 12.3(6b), RELEASE SOFTWARE (fc1)

When I apply an outgoing access-list to an interface, my QoS shaping ceases to function. When I remove the access-list the QoS shaping kicks in.

In this version of IOS are security access-lists and QoS shaping mutually exclusive? or do I need to configure additional paramaters.

Any ideas?

3 REPLIES
Gold

Re: Strange issue with Outgoing access-list and QoS

Check this link.

On output acl are processes before most QoS. It does not explicitly say shaping but I suspect it is done after the ACL.

http://www.cisco.com/en/US/tech/tk543/tk757/technologies_tech_note09186a0080160fc1.shtml

New Member

Re: Strange issue with Outgoing access-list and QoS

Thanks for that.

I read the article, and the output ACL is processed before QoS.

My outgoing access-list has the 'reflect' option and is not processed, when I remove the 'relect' option, QoS kicks in.

Any ideas.

Gold

Re: Strange issue with Outgoing access-list and QoS

This is strange since reflexive acl modify the incoming access list and should not really affect the outbound traffic.

Sounds like a bug but its been a while since I used reflexive access lists. I generally use CBAC but you need the firewall feature set to do that.

This one sounds like a good case to call the TAC if you have a service agreement.

222
Views
0
Helpful
3
Replies