Removing this entry as I was logged in with my old account. Re-posted under akomili

Hi Raj

Here is the current output (it's the same on both N9Ks), bearing in mind we removed the marking and queuing from the interfaces because it wasn't working properly:

N9K# sh run ipqos

!Command: show running-config ipqos
!Time: Thu Aug 23 17:31:07 2018

version 7.0(3)I2(3)

class-map type qos match-any CC-servers
  match access-group name CC-traffic

policy-map type qos classify
  class CC-servers
    set qos-group 1
  class class-default

policy-map type queuing shape-out
  class type queuing c-out-q3
    bandwidth remaining percent 0
  class type queuing c-out-q2
    bandwidth remaining percent 0
  class type queuing c-out-q1
    bandwidth percent 5
  class type queuing c-out-q-default
    bandwidth remaining percent 95

N9K# sh ip access-lists CC-traffic

IP access list CC-traffic
  10 permit ip <public IP>/32 any
  20 permit ip <public IP>/32 any

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

We were marking the traffic on a port-channel as follows:

int po101
  service-policy type qos input classify

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

And queuing the traffic on a physical interface outbound:

int eth1/48
  service-policy type queuing output shape-out

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

Here is the config for those L2 interfaces, along with some other show command output:

N9K# sh run int po101
interface port-channel101
  description VPC to Rack 1 5524s
  switchport mode trunk
  vpc 101

N9K# sh run int ethernet 1/48

interface Ethernet1/48
  description Internet
  switchport access vlan 504
  spanning-tree port type edge

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

N9K# sh port-channel summary interface port-channel 101
--------------------------------------------------------------------------------
Group Port- Type Protocol Member Ports
Channel
--------------------------------------------------------------------------------
101 Po101(SU) Eth LACP Eth1/31(P) Eth1/32(P)

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

N9K# sh run int eth1/31

interface Ethernet1/31
  description VPC to Rack 1 5524s
  switchport mode trunk
  channel-group 101 mode active

N9K# sh run int eth1/32

interface Ethernet1/32
  description VPC to Rack 1 5524s
  switchport mode trunk
  channel-group 101 mode active

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

interface Vlan504
  description ISP Transit
  no shutdown
  ip access-group VLAN504_in in
  vrf member ISPtoDMZ
  no ip redirects
  ip address <public IP>/29
  hsrp version 2
  hsrp 504
  authentication md5 key-string 504
  preempt delay minimum 30
  priority 150
  timers 1 3
  ip <public IP>

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

N9K# sh run vrf ISPtoDMZ

interface Vlan502
  vrf member ISPtoDMZ

interface Vlan504
  vrf member ISPtoDMZ
vrf context ISPtoDMZ
  description ISP to DMZ Sonicwall Bypass
  ip route 0.0.0.0/0 <public IP>
  ip route <public range>/24 <public IP>

!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!!

The N9K version is C9396PX running 7.0(3)I2(3). Let me know if you need more info.

Thanks for your help

AO

Sorry I missed following up on this thread. I tested on a later release 7.0(3)I4(7) and this seems to work.

I generally avoid suggesting an upgrade as a solution but sometimes I have found that customer are more open to that idea if it can solve issues quickly. If you want to tread that path then use this link on the recommended release.

Meantime I will try to test this on your existing release and revert back.

-Raj

Hi Raj

Thank you, that would be so helpful if you could test on our current release! From the link it looks like we should be upgrading anyway as we are a few releases behind. I'll work on putting a plan together for that but yes in the meantime it would be great to know if the QoS issue is related.

Thanks

AO

Works for me in 7.0(3)I2(3). I would open a TAC case to deep dive.

//NXOS: version 7.0(3)I2(3)

ip access-list CC-traffic
  10 permit ip 10.1.1.1/32 any

version 7.0(3)I2(3)
class-map type qos match-any CC-servers
  match access-group name CC-traffic
policy-map type qos classify
  class CC-servers
    set qos-group 1
  class class-default
policy-map type queuing shape-out
  class type queuing c-out-q3
    bandwidth remaining percent 0
  class type queuing c-out-q2
    bandwidth remaining percent 0
  class type queuing c-out-q1
    bandwidth percent 5
  class type queuing c-out-q-default
    bandwidth remaining percent 95


interface port-channel101
  service-policy type qos input classify

interface Ethernet1/3
  service-policy type queuing output shape-out
 
 
interface Vlan500  >>> incoming
  description ISP Transit
  no shutdown
  ip address 10.1.1.2/24

interface Vlan504  >>> outgoing
  description ISP Transit
  no shutdown
  ip address 10.1.4.2/24
 

// Outputs

9396_A# sh policy-map int e1/1


Global statistics status :   enabled

Ethernet1/1

  Service-policy (qos) input:   classify
    SNMP Policy Index:  285213622

    Class-map (qos):   CC-servers (match-any)

     Slot 1
        270 packets   >>>>>>>>>>>>>>>>>>>>
     Aggregate forwarded :
        270 packets
      Match: access-group CC-traffic
      set qos-group 1

    Class-map (qos):   class-default (match-any)

     Slot 1
        612 packets
     Aggregate forwarded :
        612 packets

  Service-policy (queuing) output:   default-out-policy

    Class-map (queuing):   c-out-q3 (match-any)
      priority level 1
      queue dropped pkts : 0
      queue depth in bytes : 0

    Class-map (queuing):   c-out-q2 (match-any)
      bandwidth remaining percent 0
      queue dropped pkts : 0
      queue depth in bytes : 0

    Class-map (queuing):   c-out-q1 (match-any)
      bandwidth remaining percent 0
      queue dropped pkts : 0
      queue depth in bytes : 0

    Class-map (queuing):   c-out-q-default (match-any)
      bandwidth remaining percent 100
      queue dropped pkts : 0
      queue depth in bytes : 0
      
      
// Queueing


9396_A# sh queuing interface e1/3

slot  1
=======


Egress Queuing for Ethernet1/3 [Interface]
------------------------------------------------------------------------------
QoS-Group# Bandwidth% PrioLevel                Shape                   QLimit
                                   Min          Max        Units   
------------------------------------------------------------------------------
      3             0         -           -            -     -            6(D)
      2             0         -           -            -     -            6(D)
      1             5         -           -            -     -            6(D)
      0            90         -           -            -     -            6(D)
+-------------------------------------------------------------------+
|                              QOS GROUP 0                          |
+-------------------------------------------------------------------+
|                |  Unicast       | OOBFC Unicast  |  Multicast     |
+-------------------------------------------------------------------+
|        Tx Pkts |               0|               0|               0|
|        Tx Byts |               0|               0|               0|
|   Dropped Pkts |               0|               0|               0|
|   Dropped Byts |               0|               0|               0|
|   Q Depth Byts |               0|               0|               0|
+-------------------------------------------------------------------+
|                              QOS GROUP 1                          |
+-------------------------------------------------------------------+
|                |  Unicast       | OOBFC Unicast  |  Multicast     |
+-------------------------------------------------------------------+
|        Tx Pkts |               0|             200|               0|  >>>>>>>>>>>>>>>>
|        Tx Byts |               0|           20400|               0|
|   Dropped Pkts |               0|               0|               0|
|   Dropped Byts |               0|               0|               0|
|   Q Depth Byts |               0|               0|               0|
+-------------------------------------------------------------------+
|                              QOS GROUP 2                          |
+-------------------------------------------------------------------+
|                |  Unicast       | OOBFC Unicast  |  Multicast     |
+-------------------------------------------------------------------+
|        Tx Pkts |               0|               0|               0|
|        Tx Byts |               0|               0|               0|
|   Dropped Pkts |               0|               0|               0|
|   Dropped Byts |               0|               0|               0|
|   Q Depth Byts |               0|               0|               0|
+-------------------------------------------------------------------+
|                              QOS GROUP 3                          |
+-------------------------------------------------------------------+
|                |  Unicast       | OOBFC Unicast  |  Multicast     |
+-------------------------------------------------------------------+
|        Tx Pkts |               0|               0|               0|
|        Tx Byts |               0|               0|               0|
|   Dropped Pkts |               0|               0|               0|
|   Dropped Byts |               0|               0|               0|
|   Q Depth Byts |               0|               0|               0|
+-------------------------------------------------------------------+
|                      CONTROL QOS GROUP                            |
+-------------------------------------------------------------------+
|                |  Unicast       | OOBFC Unicast  |  Multicast     |
+-------------------------------------------------------------------+
|        Tx Pkts |             810|               0|               2|
|        Tx Byts |           57248|               0|             128|
|   Dropped Pkts |               0|               0|               0|
|   Dropped Byts |               0|               0|               0|
|   Q Depth Byts |               0|               0|               0|
+-------------------------------------------------------------------+
|                         SPAN QOS GROUP                            |
+-------------------------------------------------------------------+
|                |  Unicast       | OOBFC Unicast  |  Multicast     |
+-------------------------------------------------------------------+
|        Tx Pkts |               0|               0|               0|
|        Tx Byts |               0|               0|               0|
|   Dropped Pkts |               0|               0|               0|
|   Dropped Byts |               0|               0|               0|
|   Q Depth Byts |               0|               0|               0|
+-------------------------------------------------------------------+

Port Egress Statistics